The FDA recently unveiled a new scoring system for assessing medical device vulnerabilities, an update from its previous system that was initially designed for commercial devices...
The Department of Health and Human Services Office for Civil Rights announced it reached a $1 million settlement with Aetna to resolve potential HIPAA violations stemming from three...
Healthcare delivery organizations are increasingly deploying medical devices, IoT, and other medical platforms to improve connectivity and support patient care. But failed network segmentation, legacy...
Two impersonation-based phishing campaigns emerged in recent weeks, leveraging spoofing tactics to appear as legitimate emails. The most recent campaign masquerades...
Sonoma Valley Hospital in California is currently operating under EHR downtime procedures after falling victim to a security incident two weeks ago on October...
NIST recently released a draft profile for technology leveraging positioning, navigation, and timing (PNT) data, such as the Global Positioning System (GPS), meant...
It’s no secret healthcare has remained highly targeted by cybercriminals given its troves of valuable data and the high likelihood of paying ransom demands. As COVID-19 surged, hackers rapidly evolved their threats and tactics to...
The hackers behind REvil, Netwalker, and Conti ransomware have once again posted personal and protected health information they claim to have stolen from...
HIPAA-required breach notifications in the wake of a security incident continue to be an Achille’s heel for the healthcare sector. Many notices appear laden with flowery...
Chinese nation-state actors are actively scanning for and exploiting 25 common vulnerabilities and exposures (CVEs), which enabled multiple successful hacks on a range of victims, according to an...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency is urging organizations to review a UK National Cyber Security Centre (NCSC) alert for a remote code execution...
In the wake of a breach, navigating a response to quickly eradicate the hackers from the network and reduce the impact of an attack is no easy feat. But in the healthcare sector, ensuring a...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency urged all organizations to apply the patch for a remote code execution (RCE) vulnerability...
Universal Health Services announced its IT team has brought all of the 400 US health system sites back online, three weeks after a massive ransomware attack drove clinicians...
Multi-factor authentication (MFA) can block more than 99 percent of automated cyber attacks, yet healthcare organizations often wait until their security has already been breached before turning to...
Advanced persistent threat (APT) hackers are targeting government networks, critical infrastructure, and election organizations by chaining vulnerabilities – a method of exploiting multiple...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency recently released a pair of insights. The first outlines best practice guidance for ransomware and other threats,...
Two-thirds of organizations saw an increase in the number of IoT and endpoint security incidents in the last year, with US cybersecurity decision makers naming malware, insecure networks, and remote...
The frequency of daily ransomware attacks increased 50 percent during the third quarter of 2020 from the first half of the year, with the US healthcare sector the most targeted globally, according to...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released an alert for all sectors, warning of a resurgence in sophisticated cyberattacks leveraging the...