The Cloud Security Alliance's new medical device incident response playbook aims to help healthcare entities plan for security incidents involving different types of devices, taking into consideration varying patient safety issues, say co-authors Christopher Frenz of Mount Sinai South Nassau and Brian Russell of...
French IT services firm Inetum Group has confirmed that it was the subject of a ransomware attack last week that disrupted certain operations. The group has ruled out, however, that the incident has any links to the Log4j vulnerability.
As Russia masses troops on its border with Ukraine, the White House says Russian disinformation campaigns have been aimed at destabilizing Ukraine's government, while experts have seen a surge in "cyber intrusions" against infrastructure, banking and government targets in advance of a potential invasion.
Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, joins three ISMG editors to discuss important cybersecurity and privacy issues, including how U.S. enterprises are harmonizing three disparate privacy laws, and ransomware preparedness.
The latest edition of the ISMG Security Report features an analysis of the most recent developments in the Log4j security flaw crisis, ransomware-era incident response essentials and what to expect from cybersecurity in 2022.
Two healthcare sector entities are in the process of notifying a total of nearly 750,000 individuals of recent hacks compromising patients' protected health information. Separately, regulators have issued HIPAA guidance pertaining to PHI disclosures involving "extreme risk" and firearms.
Microsoft Teams' link preview feature contains four vulnerabilities that allow attackers to access internal Microsoft services, spoof the link preview and - for Android users - leak their IP address and use DoS attacks against their Teams app/channels. Three of the four flaws remain unpatched.
German security researchers have found a critical drive-by RCE vulnerability in Windows 10. They allege that Microsoft at first dismissed the finding, but later bumped up the vulnerability to "Critical, RCE" and released a patch five months later.
A data breach at Volvo Cars involving intellectual property theft highlights the need for identity and access management and deployment of next-gen cybersecurity measures, such as automotive security operations centers, or ASOCs, some experts say.
What does the C-suite want to know about ransomware preparedness and response strategies? CEO of (ISC)² Clar Rosso shares findings from the company's new report that provides insights into the minds of C-suite executives and how they perceive their organizations’ readiness for ransomware attacks.
A federal grand jury has handed down a superseding indictment expanding the charges filed against Joe Sullivan, the former CSO of Uber, for his allegedly covering up a 2016 data breach at the ride-sharing service from authorities and paying "hush money" to two hackers. Sullivan denies the charges.
CISA, the FBI, the NSA and several of their international law enforcement partners have issued a joint advisory on the known vulnerabilities in the Apache Log4j software library urging "any organization using products with Log4j to mitigate and patch immediately."
An authentication bypass vulnerability in Zoho's widely used unified endpoint management tool, ManageEngine Desktop Central, is being used by advanced persistent threat actors to gain remote access permissions, the FBI says.
Federal authorities have issued an advisory warning about remotely exploitable security vulnerabilities in certain Fresenius Kabi infusion pump systems that could allow an attacker to gain access to sensitive information, modify settings, or perform arbitrary actions as an authenticated user.
A flaw in a Bluetooth-enabled at-home COVID-19 test, which has since been fixed, would have allowed individuals to change test results from positive to negative, and vice versa, says a report by the security researcher who discovered the problem. Are other medical IoT products at similar risk?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.