Network Security

63% of known exploited vulnerabilities found on healthcare networks

March 18, 2024 - Healthcare networks and medical devices are highly vulnerable to cyberattacks, according to a recent study from cyber-physical systems protection company Claroty. The study found that 63 percent of known exploited vulnerabilities (KEVs) tracked by the Cybersecurity and Infrastructure Security Agency (CISA) can be found on healthcare networks. About...


More Articles

Why Endpoint Security is Critical For Healthcare Cybersecurity

by Jill McKeon

Endpoint security should be a crucial component of every healthcare organization’s cybersecurity program. It only takes one vulnerable endpoint for a threat actor to gain access and orchestrate a healthcare cyberattack—and with...

Cybersecurity, Vulnerabilities Not Priorities for Most Hospitals

by Jill McKeon

Most hospital IT teams say that cybersecurity is not a high investment priority, despite a growing number of cyberattacks in the healthcare industry, according to a report conducted in by CyberMDX in...

IT Security Company COO Charged with Medical Center Cyberattack

by Jill McKeon

Vikas Singla, chief operating officer of network security company Securolytics, was indicted on June 8th in connection with a 2018 medical center cyberattack Georgia, according to a statement from the...

VMware Flaw: Patch Now as Hackers, Malware Exploit Security Gap

by Jessica Davis

Since its disclosure by VMware just two weeks ago, researchers have observed attackers hunting for unpatched systems and a widespread bot campaign that delivers worming malware, according to a Cisco...

Report: New Ransomware Variant Targeting Microsoft Exchange Servers

by Jessica Davis

Threat actors with likely ties to REvil ransomware are targeting and successfully exploiting vulnerabilities in Microsoft Exchange Servers with a new malware variant in cyberattacks against enterprise...

Could The SASE Model Move the Needle on Healthcare Cybersecurity?

by Jessica Davis

The multiple, massive cybersecurity incidents across the globe have demonstrated the ease in which threat actors can take control over critical infrastructure entities and their valuable data. For...

FBI: Unpatched Fortinet Flaws Remain Under Attack by APT Actors

by Jessica Davis

Advanced persistent threat (APT) actors are continuing to exploit three, unpatched, critical vulnerabilities in certain Fortinet FortiOS devices to gain access to victims’ networks for nefarious...

Microsoft: Active NOBELIUM Malware Actors’ Spear-Phishing Campaign

by Jessica Davis

The malware threat actors behind the SolarWinds Orion compromise in 2020 are continuing to target Microsoft networks and cloud assets, according to Microsoft insights. NOBELIUM historically targets...

NIST IoT Guidance for Network-Based Attacks, Device Communication

by Jessica Davis

NIST unveiled guidance for small-sized enterprise networks and home users designed to mitigate network-based attacks using a standards-based approach to network communication...

CISA: VMware Patches Critical Server Flaw, Warns of Ransomware Threat

by Jessica Davis

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released an alert for a recent software update from VMware. A critical flaw in vCenter Server platforms could allow...

CISA Eviction Guide for SolarWinds, Microsoft O365 Compromises

by Jessica Davis

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released eviction guidance for system compromises caused by the supply-chain attack on SolarWinds and subsequent...

External Threat Actors Outpace Insiders in Healthcare Data Breaches

by Jessica Davis

For the second consecutive year, external threat actors caused the majority of healthcare data breaches in 2020, compared to just 39 percent caused by insiders, either inadvertently or...

DHS CISA, FBI Alert to DarkSide Ransomware, After Pipeline Attack

by Jessica Davis

Several days after the DarkSide ransomware attack against the US critical infrastructure pipeline company, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency and...

NSA Insights: Malicious Cyber Activity on Connected, IT Operational Tech

by Jessica Davis

On Thursday, the NSA unveiled guidance designed to support the defense of malicious cyber activity on targeted, connected operational tech (OT). Although aimed at federal agencies, private sector...

Joint Fed Guidance on Russian APT Cyberattacks, Exploits, Malware

by Jessica Davis

Russian Advanced persistent threat (APT) actors are actively targeting a range of US entities to gather intelligence agencies. Recent federal guidance aims to shed light on the tactics used in these...

77% of Ransomware Spurs Data Extortion, Driven by Accellion Hack

by Jessica Davis

Driven by Clop actors and the Accellion File Transfer Appliance (FTA) hack, exfiltration and extortion attempts are now occurring in the vast majority of ransomware attacks, increasing from 70 percent...

Threat Actors Exploiting 3 SonicWall Email Security Vulnerabilities

by Jessica Davis

Entities using SonicWall Hosted Email Security (HES) are being urged to prioritize the patching of three zero-day vulnerabilities within the software, which researchers have observed being exploited in...

DOJ: FBI Removed Web Shells From Exploited Microsoft Exchange Servers

by Jessica Davis

In a rare move, a court-authorized FBI operation removed web shells from a host of exploited on-prem Microsoft Exchange Servers. Many of the victims may have been unaware their systems were...