As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports. A hospital owned by Cancer Treatment Centers of America is among the latest phishing victims.
Thousands of emails from four senior aides within the National Republican Congressional Committee were exposed after their accounts were compromised for several months earlier this year, Politico reports. Few details have been released about the incident, which was investigated by Crowdstrike.
To combat cyberattacks, more nations must not only hold nation-state attackers accountable, but also better cooperate by backing each other's attribution, said Estonian politician Marina Kaljurand, who chairs the Global Commission on the Stability of Cyberspace, in her opening keynote speech at Black Hat Europe 2018.
In a groundbreaking effort, the attorneys general of a dozen states have jointly filed a federal lawsuit against a cloud-based electronic health records vendor that reported a 2015 data breach affecting 3.9 million individuals.
Federal regulators have slapped a company that provides contracted physicians to hospitals and nursing homes with a $500,000 HIPAA settlement in a breach case involving the lack of a business associate agreement with an individual providing billing services.
A severe vulnerability in Kubernetes, the popular open-source software for managing Linux applications deployed within containers, could allow an attacker to remotely steal data or crash production applications. Microsoft and Red Hat have issued guidance and patches; they recommend immediate updating.
A failure to patch systems and slipups that lead to insider threats are two major causes of breaches in the healthcare sector that need to be urgently addressed, says Anahi Santiago of Christiana Care Health System.
"Smart cities" projects face huge cybersecurity challenges as they adopt advanced technologies, including IoT systems, says Adnan Baykal of the Global Cyber Alliance.
The Black Hat Europe information security conference returns to London, featuring 40 research-rich sessions covering diverse topics, including politically motivated cyberattacks, recovering passwords from keyboards thanks to thermal emanations, hacking Microsoft Edge and detecting "deep fakes."
Next to corporate communications that claim that "your security is important to us," any website post titled "security update" portends bad news. So too for question-and-answer site Quora, which says a hack exposed 100 million users' personal details, including hashed passwords and private content.
A security review of two Medicaid managed care organizations in Arizona revealed several significant access control and configuration vulnerabilities, raising concerns about whether other MCOs face similar challenges.
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
Tabletop exercises are a critical way to make sure an organization's incident response plan is effective and everyone knows their roles, says Ronald Raether of the law firm Troutman Sanders.
Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Protection Regulation? With GDPR in full effect since May, organizations with data security practices face the potential of massive fines.
The Marriott hotel chain has announced its Starwood guest reservation database has been hacked, potentially exposing up to 500 million accounts. The unauthorized access to the database started in 2014, the company says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.