Tag: healthcare
-
Healthcare Cyberattacks in 2024 Expose 276 Million Patient Records Compromised
by
in SecurityNewsThe healthcare sector faced an unprecedented wave of cyber threats, with a staggering 92% of organizations reporting at least one cyberattack. This alarming statistic resulted in the compromise of over 276 million patient records, equating to approximately 758,000 records breached daily. The fallout from these breaches has been profound, with victims of medical identity theft…
-
Nation-State Actors Target Healthcare Institutions to Sabotage IT and OT Systems
by
in SecurityNewsThe nation-state actors have increasingly set their sights on healthcare institutions worldwide, launching sophisticated cyberattacks aimed at disrupting both Information Technology (IT) and Operational Technology (OT) systems. These attacks, often orchestrated by state-sponsored groups with significant resources, pose a severe threat to patient safety, data integrity, and the operational continuity of critical healthcare services. Cybersecurity…
-
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns
by
in SecurityNews
Tags: cyber, espionage, group, healthcare, korea, military, service, software, supply-chain, technologyA cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors.Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service providers,…
-
Ascension: Software Exploit Breach Affects Nearly 440,000
by
in SecurityNewsFormer Business Partner’s Third-Party Software at Center of Hospital Chain’s Incident. Ascension Health is notifying nearly 440,000 patients of a breach involving a former business partner and exploit of a third-party software flaw. Some experts speculate the incident involved Cleo managed file transfer software. The breach is one of several Ascension experienced in recent months.…
-
The rise of vCISO as a viable cybersecurity career path
by
in SecurityNews
Tags: advisory, business, ceo, cio, ciso, compliance, computer, control, country, cyber, cybersecurity, government, grc, group, guide, healthcare, incident response, infrastructure, ISO-27001, jobs, mobile, network, nist, risk, risk-assessment, risk-management, service, skills, strategy, technology, tool, trainingDamon Petraglia, vCISO and CISO on demand Blue Mantis Damon Petraglia A long-time cybersecurity pro with chops built up in the federal government world and through forensic investigation work, Damon Petraglia works as a vCISO and CISO on demand for the IT services firm Blue Mantis.”Where I am today as a vCISO is a culmination…
-
Mature But Vulnerable: Pharmaceutical Sector’s Cyber Reality
by
in SecurityNewsPharmaceutical companies typically have more mature cyber programs than other healthcare factions, but these firms also face unique risks involving their large attack surfaces, complex manufacturing, supply chains and sensitive intellectual property, said Joshua Mullen of Booz Allen Hamilton. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/mature-but-vulnerable-pharmaceutical-sectors-cyber-reality-i-5476
-
Ascension says recent data breach affects over 430,000 patients
by
in SecurityNewsAscension, one of the largest private healthcare systems in the United States, has revealed that a data breach disclosed last month affects the personal and healthcare information of over 430,000 patients. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ascension-says-recent-data-breach-affects-over-430-000-patients/
-
CVE funding crisis offers chance for vulnerability remediation rethink
by
in SecurityNews
Tags: access, ai, awareness, best-practice, cisa, cve, cvss, cybersecurity, data, exploit, Hardware, healthcare, intelligence, iot, kev, least-privilege, metric, mfa, microsoft, network, open-source, penetration-testing, risk, software, threat, tool, training, update, vulnerability, vulnerability-managementAutomatic for the people: AI technologies could act as a temporary bridge for vulnerability triage, but not a replacement for a stable CVE system, according to experts consulted by CSO.”Automation and AI-based tools can also enable real-time discovery of new vulnerabilities without over-relying on standard CVE timelines,” said Haris Pylarinos, founder and chief executive of…
-
Cyberangriff auf Arztpraxen in Missouri, USA
by
in SecurityNewsEsse Health Cyberattack Disrupts Healthcare Services in St. Louis First seen on hipaajournal.com Jump to article: www.hipaajournal.com/esse-health-cyberattack/
-
Indiana Health System Notifies 263,000 of Oracle Hack
by
in SecurityNewsUnion Health System Among Many Cerner Legacy Data Clients Affected by Breach. An Indiana health system is among the first healthcare organizations notifying regulators and thousands of people affected by the Oracle hack in January. Attackers compromised legacy patient data hosted by Cerner servers that were set to migrate to Oracle’s cloud environment. First seen…
-
Cyberattacks on Critical Infrastructures Makes Us Very Vulnerable
by
in SecurityNews
Tags: attack, communications, cyber, cyberattack, cybersecurity, data, healthcare, infrastructure, linkedin, strategy, update, vulnerabilityMany don’t realize that cyberattacks against Critical Infrastructure sectors, can cause more than an inconvenience of a temporary power outage. Critical Infrastructures are a favorite of aggressive Nation State cyber threats. In addition to communications disruptions, power outages, and healthcare billing, these attacks can also seek to disrupt food distribution. The result empty shelves…
-
Healthcare workers regularly upload sensitive data to GenAI, cloud accounts
by
in SecurityNewsHealthcare organizations are facing a growing data security challenge from within, according to a new report from Netskope Threat Labs. The analysis reveals that employees in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/08/healthcare-workers-upload-sensitive-data-genai/
-
Quantum supremacy: Cybersecurity’s ultimate arms race has China way in front
by
in SecurityNews
Tags: ai, authentication, automation, backup, banking, breach, business, china, ciso, computing, control, crypto, cryptography, cybersecurity, data, encryption, finance, government, healthcare, identity, infrastructure, jobs, military, ml, nist, risk, service, skills, technology, threat, update, vulnerability, zero-dayThe DeepSeek/Qwen factor: What we learned from recent AI advances, such as DeepSeek and Qwen, that caught the world by surprise is that China’s technology is much more advanced than anyone anticipated. I’d argue that this is a leading indicator that China’s quantum computing capabilities are also in absolute stealth-mode development and ahead of the…
-
Cyberwarfare Funding Accelerates and Everyone is at Risk
by
in SecurityNews
Tags: attack, china, cyber, cyberattack, cybersecurity, data, defense, exploit, finance, government, healthcare, infrastructure, risk, russia, service, tool, vulnerability, warfareNations are investing heavily in offensive cyber capabilities. The proposed 2026 US defense budget earmarks an additional $1 billion in funding for offensive cyber operations, specifically to the US Indo-Pacific Command (USINDOPACOM). In 2025, the Department of Defense spent over $14 billion on cyber, with $6.4 billion allocated to offensive operations. An extra billion dollars…
-
Strengthening Cyber Defense and Achieving Digital Operational Resilience in Healthcare
by
in SecurityNewsLook, we all know cybersecurity is hard. Then you add budget pressures, talent gaps, and operational chaos, it gets even harder. I’ve lived it. I spent over 25 years at MD Anderson Cancer Center, the largest cancer center in the world. I retired recently as CTO. Our mission was clear: end cancer. But that… First…
-
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
by
in SecurityNewsThe U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States.Rami Khaled Ahmed of Sana’a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected…
-
Enhancing EHR Security: Best Practices for Protecting Patient Data
by
in SecurityNewsIn the digital healthcare landscape, electronic health records (EHRs) are foundational to patient care, operational efficiency and regulatory compliance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/enhancing-ehr-security-best-practices-for-protecting-patient-data/
-
Healthcare group Ascension discloses second cyberattack on patients’ data
by
in SecurityNewsThis time criminals targeted partner’s third-party software First seen on theregister.com Jump to article: www.theregister.com/2025/05/01/ascension_cyberattack/
-
Ascension Notifying Patients About Rash of Third-Party Hacks
by
in SecurityNews4 Breaches Appear to Potentially Affect Hundreds of Thousands Across Several States. Catholic hospital chain Ascension Health is notifying hundreds of thousands of individuals across several states of at least four hacking incidents in recent months involving third-parties. Ascension reported one of the breaches this week, another in mid-April and the others in March and…
-
Navigating Healthcare Cybersecurity CISO’s Practical Guide
by
in SecurityNewsNavigating healthcare cybersecurity is crucial in today’s hyper-connected environment, where it underpins both operational resilience and patient trust. The rapid digitization of medical records, proliferation of connected devices, and the growing sophistication of cyber threats have placed Chief Information Security Officers (CISOs) at the forefront of organizational strategy. No longer just gatekeepers of compliance, CISOs…
-
Smashing Security podcast #415: Hacking hijinks at the hospital, and WASPI scams
by
in SecurityNewsHe’s not a pop star, but Jeffrey Bowie is alleged to have toured staff areas of a hospital in Oklahoma, hunting for computers he could install spyware on. We dive into the bizarre case of the man accused of hacking medical networks and then sharing how he did it on LinkedIn. First seen on grahamcluley.com…
-
Ransomware bei einem Krankenhaus auf den U.S. Virgin Islands
by
in SecurityNewsJFL Hospital Becomes Latest Government Entity Hit by Cyberattack Following V.I. Lottery Ransomware Incident First seen on viconsortium.com Jump to article: viconsortium.com/vi-government/virgin-islands-jfl-hospital-becomes-latest-government-entity-hit-by-cyberattack-following-v-i–lottery-ransomware-incident
-
Feel Relieved with Effective Least Privilege Tactics
by
in SecurityNewsWhy are Least Privilege Tactics Crucial in the Cybersecurity Landscape? The question that frequently arises among cybersecurity experts is, “How can we effectively mitigate these risks?” One noteworthy strategy adopted by professionals across various industries, including financial services, healthcare, and travel, is the use of least privilege tactics. This approach is particularly valuable for organizations……
-
ResolverRAT Targets Healthcare and Pharmaceutical Sectors Through Sophisticated Phishing Attacks
by
in SecurityNewsA previously undocumented remote access trojan (RAT) named ResolverRAT has surfaced, specifically targeting healthcare and pharmaceutical organizations worldwide. First observed as recently as March 10, 2025, this malware distinguishes itself from related threats like Rhadamanthys and Lumma through its sophisticated in-memory execution and multi-layered evasion techniques. Morphisec, a leading cybersecurity firm, has detailed the malware’s…
-
Cyberangriff auf ein Krankenhaus auf den Cayman Islands
by
in SecurityNewsCyberattack cripples doctor’s hospital systems First seen on caymanmarlroad.com Jump to article: caymanmarlroad.com/2025/04/28/cyberattack-cripples-doctors-hospital-systems/
-
Cybersecurity CEO accused of running malware on hospital PC blabs about it on LinkedIn
by
in SecurityNewsSometimes, silence is the best option First seen on theregister.com Jump to article: www.theregister.com/2025/04/28/infosec_ceo_accused_of_installing_malware/
-
Your NHIDR Is Getting Better”, How?
by
in SecurityNewsWhy Does Improving Non-Human Identity and Data Response (NHIDR) Matter? How often do we consider the impact of Non-Human Identities (NHIs) on our data security? The management of NHIs and their accompanying secrets has become an indispensable necessity for businesses. From financial services and healthcare to travel and DevOps, professionals across various domains are realizing……
-
Cybersecurity CEO Charged with Installing Malware on Hospital Computers
by
in SecurityNewsJeffrey Bowie, the CEO of cybersecurity company Veritaco, was seen on security camera footage walking into St. Anthony Hospital in Oklahoma City last year and installing malware on an employee computer. He was arrested this month for violating the state’s cybercrime statute. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/cybersecurity-ceo-charged-with-installing-malware-on-hospital-computers/