Three cybersecurity vulnerabilities in an older version of OpenEMR may leave healthcare organizations open to cyberattacks, HHS warned. HHS urged healthcare organizations using versions of OpenEMR...
Citrix released patches for a critical zero-day cybersecurity vulnerability (CVE-2022-27518) in its Application Delivery Controller (ADC) and Gateway platforms.
HHS knows of healthcare entities that...
Organization executives are doubling down on investments toward cybersecurity reliance as an uptick in data security breaches jeopardizes business operations and overwhelms industries, including the...
New cybersecurity vulnerabilities are a constant challenge for organizations of all sizes, Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure...
UPDATE 11/1/2022 - OpenSSL provided vulnerability guidance for CVE-2022-3786 and CVE-2022-3602. CVE-2022-3602 is no longer labeled as "critical" and was downgraded to "high" after further...
Two zero-day vulnerabilities are being actively exploited in Microsoft Exchange Servers 2013, 2016, and 2019, and may impact healthcare cybersecurity.
The first vulnerability (CVE-2022-41040) is a...
As the healthcare community continues to grapple with cybersecurity challenges, more device manufacturers, independent researchers, and software companies have been prioritizing cybersecurity vulnerability disclosures as a way to mitigate...
The Federal Bureau of Investigation (FBI) released its second private industry notification in a single week directed at the healthcare sector, this time warning of social engineering techniques used...
Penetration (“Pen”) testing is a key tool in maintaining healthcare cybersecurity and identifying potential security gaps and vulnerabilities before threat actors can. Security firm...
Apple released security updates to defend against two zero-day vulnerabilities found in macOS Monterey, iOS and iPadOS, and Safari, the Cybersecurity and Infrastructure Security Agency (CISA)...
High-severity cybersecurity vulnerabilities in OFFIS DCMTK software could result in remote code execution (RCE) if exploited, the Cybersecurity and Infrastructure Security Agency (CISA) warned in a...