With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance.
The National Institute of Standards and Technology has released the final version of its "zero trust" architecture guidelines that provide a road map for using the architecture in security programs.
While the exposure of insecure databases on the internet is relatively common, a recent incident featured an unusual twist - the data was mysteriously deleted.
President Donald Trump's executive order banning the Chinese-owned TikTok and WeChat apps could prove to be unenforceable, some privacy and security specialists say. But some Republican lawmakers hailed the move, citing the national security risks posed by the apps.
A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election. Meanwhile, the director of CISA calls Russian ransomware attacks one of the biggest threats to the election.
A vulnerability that can impede the boot-loading process of an operating system could potentially affect billions of Linux and Windows machines, according to Eclypsium. The flaw, called "BootHole," could enable an attacker to gain near total control of an infected device.
How many different shades of bizarre is the data breach notification issued by software vendor Blackbaud? Over the course of three paragraphs, Blackbaud normalizes hacking, congratulates its amazing cybersecurity team, and says it cares so much for its customers that it paid a ransom to attackers.
CISA is warning that threat actors are actively exploiting a remote code execution vulnerability in F5's BIG-IP network products that can lead to data exfiltration and other security issues. Earlier, researchers and F5 had urged users to patch the flaw.
The NSA and CISA issued a joint warning that U.S. critical infrastructure is increasingly becoming a hacking target and organizations need to guard against attacks. The alert notes that remote access to OT systems by a decentralized workforce creates risk.
The rapid pace of change for the the industrial internet of things will open up new risks for attacks and will require close attention to security, according to a new study from the Lloyd's Register Foundation.
As ransomware and other cyberattacks on healthcare organizations surge, the potential risks to medical devices are growing, says Kelly Rozumalski, director of secure connected health initiatives at the consulting firm Booz Allen Hamilton, who discusses risk mitigation efforts.
The New York State Department of Financial Services has filed civil charges against First American Title Insurance Co., which has been accused of exposing hundreds of millions of documents that contained customers' mortgage and personal data.
As organizations that shifted to a remote workforce consider allowing some workers to return to the office environment, CISOs must reassess their security infrastructures, says Chris Kubic of Fidelis Cybersecurity, who formerly was CISO at the National Security Agency.
Microsoft is urging its customers to patch a "wormable" vulnerability affecting the Windows Server operating system that could allow an attacker to exploit an organization's entire infrastructure.
As cyberthreats facing healthcare organizations soar, medical device maker Becton, Dickinson and Co. has ramped up its process for coordinated disclosure of vulnerabilities to help identify, assess and communicate issues to regulators and industry stakeholders, says BD's Dana-Megan Rossi.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
