The "deliberate actions" of a now-fired senior engineer at Customer.io put at risk email addresses of six client companies, including NFT marketplace OpenSea. The email delivery vendor did not specify how many individuals are now at elevated risk of phishing attacks.
Four ISMG editors discuss important cybersecurity issues, including the hot topics at ISMG roundtable discussions - such as challenges around software supply chain security, highlights from ISMG's upcoming Healthcare Summit, and how some cybersecurity vendors are creating their own venture funds.
The rapid shift to remote working early in the pandemic and the discovery of serious new flaws such as Log4j have driven criminals to continue probing "what's vulnerable, and how to exploit it," says Casey Ellis, CTO and founder of Bugcrowd. Here's how he recommends organizations respond.
Trellix has just released a new report on cyber war activities in Ukraine. John Fokker discusses the key findings, how this war is reshaping global cybercrime dynamics, and how traditional cybercriminals and nation-state adversaries and blending their activities.
It's been a year since President Biden's executive order that called out zero trust as a primary focus. Richard "Chit" Chitamitre of Corelight discusses the prevalent misunderstandings about zero trust, as well as use cases for how to embrace the framework and make measurable progress along the way.
A "coordinated and professional malware attack" against SHI left the company without email or public websites for days while the hack was investigated. SHI took its public websites and email offline after being hit during the July Fourth holiday weekend to assess the integrity of those systems.
Google's move to soon begin deleting location history pertaining to individuals' visits to facilities offering sensitive healthcare services is a step in the right direction, but experts say technology firms and others could do more to better protect the privacy of health data.
Lockdown Mode will be available to all users who update to the latest versions of Apple operating systems this fall. This "extreme" protection will stop spyware infections through restrictions that render message attachments inaccessible, webpages slower to load and FaceTime calls harder to make.
Raising user awareness is too often incorrectly considered to be a panacea for faulty information security programs. "It can drive risk reduction, but it is not the primary driver of risk reduction," says Adam Wedgbury, head of enterprise security architecture at Airbus.
FBI Director Christopher Wray and MI5 Director General Ken McCallum put business and academic leaders on alert over Chinese government-led intellectual property theft, telling an audience in London to think twice about doing business with Beijing.
Employees are leaving at an unprecedented rate. As a result, the Great Resignation has created more opportunities for data loss than ever before. According to the 2022 Voice of the CISO report, CISOs agree that protecting data has become an increased challenge. So, how do you protect your organization against data...
McDonald’s Corporation is the world’s largest restaurant chain. Just like every organization, McDonald’s is concerned that threat actors are targeting their employees across the world. It only takes one person to click on a malicious link and create a data breach. Thus, one of their key initiatives is empowering...
The U.S. Department of Defense continues to experiment with bug bounties to draw in vulnerability reports from outside white hat hackers. It kicked off a new test program for continuous rewards on America's Independence Day by setting aside a pool of $110,000.
IBM has purchased a data observability startup to help organizations address data errors, pipeline failures and poor quality before it affects their bottom line. Databand.ai will help businesses ensure that trustworthy data is being put into the hands of the right users at the right time.
Federal authorities are alerting healthcare and public health sector entities of threats involving North Korean state-sponsored "Maui" ransomware. Attackers use the malware to maliciously encrypt diagnostics procedures, medical imaging, and medical center intranet services.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.