Cybersecurity

CISA Releases Advisory On Preventing Web Application Access Control Abuse

by Jill McKeon

Insecure direct object reference (IDOR) vulnerabilities in web applications pose a threat to organizations around the world, the Cybersecurity and Infrastructure Security Agency (CISA) warned in a...

FL Senator Urges FBI to Prioritize Tampa General Cyberattack Investigation

by Jill McKeon

Following a cyberattack on Tampa General Hospital (TGH) that impacted 1.2 million people, Florida Senator Rick Scott (R-FL) penned a letter to FBI Director Christopher Wray asking the bureau to...

How Providers Can Defend Against AI-Assisted Cyberattacks

by Jill McKeon

What once seemed like a far-fetched idea is now a reality — artificial intelligence (AI) is advancing steadily, enabling increased efficiency in a variety of sectors. Unfortunately, cyber threat actors can also leverage AI to...

Software Vulnerability Triggers Rite Aid Data Breach, 24K Impacted

by Sarai Rodriguez

Rite Aid recently revealed a major data breach that potentially left the personally identifiable information (PII) of 24,400 customers exposed to threat actors. The issue came to light on May 31,...

Average Cost of Healthcare Data Breach Reaches $11M

by Jill McKeon

The average cost of a healthcare data breach rose to $11 million, signifying a $1 million increase from last year, according to IBM Security’s 2023 "Cost of a Data Breach Report." The global...

AI, Ransomware Remain Prevalent in Evolving Cybersecurity Landscape

by Sarai Rodriguez

Healthcare organizations face an uptick in cyber threats, as malicious actors turn to tools like ransomware, artificial intelligence (AI), and Internet of Things (IoT) attacks. These threats are...

Imagine360 Suffers Third-Party Data Breach, 112K Impacted

by Sarai Rodriguez

Imagine360, a Pennsylvania-based provider of self-funded health plan solutions,  alerted over 112,000 individuals about a third-party data breach from January 2023, which occurred on its Citrix...

CISA Warns Critical Infrastructure of APT Actors Targeting Outlook Online

by Jill McKeon

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) urged critical infrastructure entities to enhance monitoring of Microsoft Exchange Online...

How Threat Actors Leverage AI to Advance Healthcare Cyberattacks

by Jill McKeon

The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief regarding artificial intelligence (AI) and the threats it may pose to healthcare cybersecurity. As AI continues to advance,...

Veterans Affairs OIG Finds Cybersecurity Deficiencies at AZ Health System

by Jill McKeon

The US Department of Veterans Affairs (VA) Office of Inspector General (OIG) inspected the information security program at the Northern Arizona VA Healthcare System and discovered significant security...

White House Issues National Cybersecurity Strategy Implementation Plan

by Jill McKeon

The Biden-Harris Administration issued its National Cybersecurity Strategy Implementation Plan (NCSIP), which provides a detailed roadmap to achieving the National Cybersecurity Strategy. The...

Examining Health Data Privacy, HIPAA Compliance Risks of AI Chatbots

by Jill McKeon

AI chatbots, such as Google’s Bard and OpenAI’s ChatGPT, have sparked continuous conversation and controversy since they became available to the public. In the healthcare arena, patients...

MedCrypt, Kansas State University Launch Medical Device Security Research Project

by Jill McKeon

MedCrypt, a cybersecurity solution provider for medical device manufacturers, announced a partnership with Kansas State University (KSU) to drive medical device security research. MedCrypt provided a...

Security Flaws Found in Software Development Kit Used for Telemedicine Services

by Jill McKeon

Claroty’s Team82 and Check Point Research (CPR) discovered critical vulnerabilities in the QuickBlox software development kit (SDK) and application programming interface (API), a framework that...

CISA Warns of Truebot Activity Infecting US Networks

by Jill McKeon

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for...

HSCC Releases Cybersecurity Coordinated Incident Response Template

by Jill McKeon

The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) issued a new publication, entitled “Health Industry Cybersecurity Coordinated Healthcare...

Kronos Reaches $6M Settlement Over Ransomware Attack

by Jill McKeon

Kronos, also known as Ultimate Kronos Group (UKG), agreed to pay $6 million to resolve a class action lawsuit over a 2021 data breach. The HR management solutions provider suffered a ransomware attack...

Murfreesboro Medical Clinic Confirms 559K-Record Breach

by Jill McKeon

Approximately 559,000 individuals were impacted by a healthcare data breach at Murfreesboro Medical Clinic & SurgiCenter (MMC), the Tennessee-based organization confirmed. As previously reported,...

OCR Reinforces Importance of Multi-Factor Authentication in Healthcare

by Jill McKeon

Strong authentication practices can help healthcare organizations mitigate breach risk and maintain compliance, the HHS Office for Civil Rights (OCR) reminded covered entities in its June 2023...

Medtronic Discloses Cybersecurity Vulnerability in Paceart Optima System

by Jill McKeon

Medtronic notified the Cybersecurity and Infrastructure Security Agency (CISA) of a cybersecurity vulnerability (CVE-2023-31222) found in its Paceart Optima System. If exploited, threat actors may be...