If Russia uses hack attacks to support its invasion, would Western governments want to immediately attribute those attacks or disruptions? Enter a Thursday alert from the U.S. government warning that it is "aware of possible threats to U.S. and international satellite communication networks."
It is critical for medical device manufacturers to take a threat modeling approach early in a product's design stage, say MITRE medical device cybersecurity experts Margie Zuk and Penny Chase, co-authors of the recently released Playbook for Threat Modeling Medical Devices commissioned by the FDA.
Federal authorities are warning about seven vulnerabilities affecting a software agent used to remotely manage an array of medical devices and other connected gear. If exploited, the vulnerabilities could enable hackers to gain full control of the affected devices or alter their configurations.
Guidance from the Healthcare Sector Coordinating Council provides healthcare delivery organizations and vendors with recommendations for including cybersecurity in contracts pertaining to the procurement of medical device products and related services.
Critical cybersecurity gaps in smart infusion pumps have put the data and care of hundreds of patients at risk, according to researchers at Unit 42 of cybersecurity firm Palo Alto Networks. They say that 75% of the 200,000 smart infusion pump networks they scanned contained known security gaps.
Since 2019, the Global Cyber Alliance has been using a custom IoT honeypot solution that identifies global attack risks and collects data about IoT attacks. Leslie Daigle discusses its findings about how threats have evolved and offers advice on how to better secure IoT devices and tech.
ThycoticCentrify renames itself Delinea to grow as a "seamless" security solution. Other acquisitions focus on providing tools to developers to better secure applications and software, boost healthcare device security, fight against chargeback fraud and bring smaller organizations into compliance.
Among the simplest things that vendors can do to help improve the cybersecurity of their products is providing better transparency, especially regarding the third-party components contained in their technology, says Rob Suárez, CISO of medical device maker Becton Dickinson.
The latest edition of the ISMG Security Report features an analysis of how attackers are distributing Night Sky crypto-locking malware to exploit Log4j vulnerabilities, lessons learned from Log4j and a security flaw that affects some Tesla-built vehicles.
As staff increasingly connect to networks using internet of things devices, researchers have found a new way of detecting malware on IoT devices. The method leverages electromagnetic field emanations and can detect stealthy malware on the devices even in the presence of obfuscation techniques.
Ransomware has captured the attention of many due to its far-reaching impacts on industrial control systems (ICS) and has become the primary attack vector for many industrial organisations in 2021. Once a problem that only affected IT infrastructure, incidents like Colonial Pipeline, Honeywell, and JB Foods showed...
Health technology providers - including makers of mobile health apps, personal health records, fitness devices and other related products - must keep a watchful eye on critical evolving privacy and regulatory issues in the months ahead, says attorney Brad Rostolsky of the law firm Reed Smith.
Preventing rogue device attacks is a critical component of Baptist Health's zero trust strategy, says Michael Erickson, CISO of the healthcare delivery system, which operates nine hospitals and other care facilities in Kentucky and Indiana.
The Cloud Security Alliance's new medical device incident response playbook aims to help healthcare entities plan for security incidents involving different types of devices, taking into consideration varying patient safety issues, say co-authors Christopher Frenz of Mount Sinai South Nassau and Brian Russell of...
As Russia masses troops on its border with Ukraine, the White House says Russian disinformation campaigns have been aimed at destabilizing Ukraine's government, while experts have seen a surge in "cyber intrusions" against infrastructure, banking and government targets in advance of a potential invasion.