The aftershocks of the Change Healthcare cyberattack are still reverberating through the healthcare sector nearly 60 days into the recovery process. But on Tuesday, members of Congress and industry experts grappled with how to avoid a future replay - minus a key witness: UnitedHealth Group.
Cybersecurity experts are sounding the alarm over a rise in supply chain attacks targeting the interconnected systems of global corporate giants after the top U.S. cyber agency urged Sisense customers to reset their credentials following an apparent hack.
A global law firm that provides data breach legal services has agreed to an $8 million settlement to resolve a proposed class action lawsuit filed against the firm in the aftermath of its cyberattack last year, which affected some health sector clients and nearly 638,000 individuals.
In the latest weekly update, four ISMG editors discussed the unending twists and turns in the Change Healthcare cyberattack, positive signs of economic recovery in the cybersecurity tech market, and how artificial intelligence is shaking up supply chain security.
A Wisconsin nonprofit managed care organization is notifying nearly 534,000 individuals that their protected health information was copied and stolen in a recent attack by a "foreign ransomware gang" that also attempted - but failed - to encrypt the group's IT systems.
Following Rubrik's announcement that it plans to list on the New York Stock Exchange, another company is considering trying its luck in the public market. Claroty is meeting with underwriters ahead of a possible 2025 IPO that could value the cyber-physical systems security titan at $3.5 billion.
As organizations embrace digital transformation, software security challenges have become increasingly complex. Adriana Freitas, director of the European Foundation Anti-Phishing Working Group, offers insights on the imperative role of DevSecOps in modern cybersecurity practices.
The Change Healthcare attack - the most disruptive cyber incident to ever hit the U.S. healthcare ecosystem - spotlights the risks that come from relying on a handful of major suppliers, said leaders of the Health Information Sharing and Analysis Center.
Fresh zero-day vulnerabilities continue to be actively exploited in the wild by attackers, often for surveillance and espionage purposes, according to the latest annual review of in-the-wild exploits published by Google. In 2023, 97 new zero-days came to light, up from 62 in 2022.
The move to cloud has uncovered a range of risks that enterprises might inadvertently overlook. Transition often highlights cloud concentration risk, which encompasses vendor, availability, business continuity and regulatory risks, said Abid Adam, group chief risk and compliance officer at Axiata.
A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.
Revenue cycle management firm MedData has agreed to a $7 million settlement in a class action lawsuit filed after an employee inadvertently uploaded and exposed the health and personal information of about 136,000 individuals on the public-facing part of GitHub for more than a year.
Synopsys' board of directors signed off Wednesday on selling the company's $525 million application security testing business to focus exclusively on design automation and IP. The systems design behemoth began exploring strategic alternatives for its software integrity group in November.
Major technology vendors keep being hacked by the nation-state hacking group Midnight Blizzard. Essential defenses to combat such attacks begin with implementing log monitoring across multiple platforms to find red flags, said John Fokker, head of threat intelligence at Trellix.
Ransomware groups hope threats are enough to sway victims so they don't have to follow through. For victims who pay ransoms, the results are almost guaranteed to be less than advertised - more akin to buying a pig in a poke than a contractual guarantee of service.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.