Tag: healthcare
-
10 key questions security leaders must ask at RSA 2025
Tags: access, ai, api, application-security, authentication, automation, business, cisa, ciso, cloud, conference, control, corporate, cve, cyber, cybersecurity, data, defense, detection, edr, endpoint, fido, finance, gartner, google, government, healthcare, infrastructure, microsoft, mitigation, mitre, monitoring, mssp, network, nist, passkey, password, phone, programming, resilience, risk, risk-management, service, software, strategy, switch, threat, tool, training, vulnerability, zero-trustIs agentic AI more myth than reality?: Building on 2024’s AI enthusiasm, this year will be all about agentic AI, defined as “a type of AI that enables software systems to act autonomously, making decisions and taking actions based on goals, with minimal human intervention,” according to AI itself (source: Google Gemini). We’ll see lots…
-
Blue Shield Exposed Health Data of 4.7 Million via Google Ads
Blue Shield of California has disclosed a significant data privacy incident affecting up to 4.7 million members, after discovering that protected health information (PHI) may have been inadvertently shared with Google Ads over nearly three years. The healthcare provider is now alerting potentially impacted members and implementing new safeguards to prevent future breaches. The breach…
-
Availity eyes GitLab Duo with Amazon Q for code refactoring
The healthcare network’s release engineering team is testing the new AI agent pairing to help with code consolidation, modernization and risk mitigation. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366622842/Availity-eyes-GitLab-Duo-with-Amazon-Q-for-code-refactoring
-
Cybersecurity Snapshot: NIST Aligns Its Privacy and Cyber Frameworks, While Researchers Warn About Hallucination Risks from GenAI Code Generators
Tags: access, advisory, ai, attack, breach, china, cisa, cisco, ciso, cloud, computer, control, csf, cve, cyber, cyberattack, cybersecurity, data, defense, encryption, espionage, exploit, firmware, framework, governance, government, group, hacker, hacking, healthcare, identity, infrastructure, Internet, LLM, malicious, mfa, mitigation, mitre, network, nist, open-source, password, phishing, privacy, risk, risk-assessment, router, service, software, strategy, supply-chain, technology, threat, tool, update, vulnerabilityCheck out NIST’s effort to further mesh its privacy and cyber frameworks. Plus, learn why code-writing GenAI tools can put developers at risk of package-confusion attacks. Also, find out what Tenable webinar attendees said about identity security. And get the latest on the MITRE CVE program and on attacks against edge routers. Dive into five…
-
Guam Hospital Pays Feds $25K to Settle HIPAA Investigation
Case Resolves HHS OCR Scrutiny of Two Security Incidents. A Guam public hospital has agreed to pay federal regulators $25,000 and implement a corrective action plan to settle potential HIPAA violations – including a failure to conduct a comprehensive risk analysis – identified during an investigation into two security incidents. First seen on govinfosecurity.com Jump…
-
Small Healthcare Clinic Struggles to Stay Afloat Following Ransomware Attack
First seen on scworld.com Jump to article: www.scworld.com/native/small-healthcare-clinic-struggles-to-stay-afloat-following-ransomware-attack
-
CrazyHunter Hacker Group Exploits Open-Source GitHub Tools to Target Organizations
A relatively new ransomware outfit known as CrazyHunter has emerged as a significant threat, particularly targeting Taiwanese organizations. The group, which started its operations in the healthcare, education, and industrial sectors of Taiwan, leverages sophisticated cyber techniques to disrupt essential services. Sophisticated Techniques and Open-Source Exploitation CrazyHunter’s toolkit is largely composed of open-source tools sourced…
-
Researchers Expose Medusa Ransomware Group’s Onion Site
Researchers have successfully infiltrated the digital fortress of one of the most prolific ransomware groups, Medusa Locker. Known for targeting critical sectors like healthcare, education, and manufacturing, the group has been responsible for numerous cyberattacks since its detection in 2019. Uncovering the Achilles’ Heel The discovery began when security researchers identified a critical vulnerability within…
-
The Smishing Triad Surge: Text-Based Threats Are Getting Smarter, Not Simpler
What began as a trickle of spammy messages has evolved into a sophisticated and dangerous phishing campaign. The Smishing Triad, an active cybercriminal group, is behind a surge of SMS-based phishing attacks (smishing) targeting organizations across sectors”, from healthcare to logistics to finance. Their focus? Gaining access to internal portals and enterprise email accounts by…
-
New ResolverRAT malware targets healthcare and pharma orgs worldwide
Tags: authentication, control, data, encryption, group, healthcare, infrastructure, malware, monitoring, network, organized, rat, strategy, threat, toolPersistence and stealthy C2 communication: The new RAT employs multiple persistence strategies, including more than 20 obfuscated registry entries and files dropped in multiple folders on disk. The malware keeps a record of which persistence techniques were successful to use them as a fallback mechanism.Communication with the command-and-control (C2) server uses TLS encryption with a…
-
Introducing Wyo Support ADAMnetworks LTP
Tags: attack, best-practice, business, compliance, cyber, cybersecurity, data, email, endpoint, finance, GDPR, government, guide, healthcare, infrastructure, insurance, law, linkedin, PCI, phishing, radius, ransomware, regulation, service, skills, strategy, technology, threat, tool, training, update, zero-trustADAMnetworks is excited to announce Wyo Support to the family of Licensed Technology Partners. “After working with the various systems and technologies, there are few that compare with the protection that ADAMnetworks provides. It reduces the attack surface from the broad side of a barn down to the size of a keyhole. No other technology…
-
How to Feel Reassured with Cloud Data Security
Why is Cloud Data Security vital for Modern Businesses? Cloud data security has grown to be an inherent part of businesses across various industries today, ranging from financial services and healthcare to travel and DevOps. But, amidst this shift to digital transformation, have you ever considered how secure your data is in the cloud? Let’s……
-
Novel ResolverRAT trojan launched in global attacks against healthcare, pharma
First seen on scworld.com Jump to article: www.scworld.com/brief/novel-resolverrat-trojan-launched-in-global-attacks-against-healthcare-pharma
-
ResolverRAT Malware Targets Healthcare, Pharma with Phishing Tactics
First seen on scworld.com Jump to article: www.scworld.com/brief/resolverrat-malware-targets-healthcare-pharma-with-phishing-tactics
-
UK Software Firm Exposed 1.1TB of Healthcare Worker Records
8M UK healthcare worker records, including IDs and financial data, exposed due to a misconfigured staff management database… First seen on hackread.com Jump to article: hackread.com/uk-software-firm-exposed-healthcare-worker-records/
-
Prophylactic Cybersecurity for Healthcare
How to Be Proactive in a Reactive World In healthcare, preventative medicine is always more effective, less costly, and has better outcomes than waiting until after a serious heart incident occurs. It’s an apt analogy for cybersecurity as well. Prophylactic (preventative) care in cybersecurity yields far better outcomes than constantly scrambling to respond to critical……
-
Top Four Considerations for Zero Trust in Critical Infrastructure
Tags: access, ai, attack, authentication, automation, best-practice, breach, business, cctv, ceo, cloud, communications, compliance, corporate, cyber, cybersecurity, data, defense, email, encryption, exploit, finance, group, hacker, healthcare, identity, infrastructure, iot, law, malicious, mfa, nis-2, privacy, regulation, risk, saas, service, software, strategy, threat, tool, vulnerability, zero-trustTop Four Considerations for Zero Trust in Critical Infrastructure madhav Tue, 04/15/2025 – 06:43 TL;DR Increased efficiency = increased risk. Critical infrastructure organizations are using nearly 100 SaaS apps on average and 60% of their most sensitive data is stored in the cloud. Threat actors aren’t naive to this, leading to a whopping 93% of…
-
Healthcare cybersecurity needs a total overhaul
First seen on scworld.com Jump to article: www.scworld.com/perspective/healthcare-cybersecurity-needs-a-total-overhaul
-
New malware ‘ResolverRAT’ targets healthcare, pharmaceutical firms
New malware ‘ResolverRAT’ is targeting healthcare and pharmaceutical firms, using advanced capabilities to steal sensitive data. Morphisec researchers discovered a new malware dubbed ‘ResolverRAT’ that is targeting healthcare and pharmaceutical firms, using advanced capabilities to steal sensitive data. ResolverRAT spreads via phishing emails using localized languages and legal lures. Victims download a malicious file triggering…
-
New ResolverRAT malware targets pharma and healthcare orgs worldwide
A new remote access trojan (RAT) called ‘ResolverRAT’ is being used against organizations globally, with the malware used in recent attacks targeting the healthcare and pharmaceutical sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-resolverrat-malware-targets-pharma-and-healthcare-orgs-worldwide/
-
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors.”The threat actor leverages fear-based lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link,” Morphisec Labs researcher Nadav Lorber said in a report shared with The First seen…
-
New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations
Organizations in the healthcare and pharmaceutical sectors have been targeted with ResolverRAT, a new malware family with advanced capabilities. The post New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-resolverrat-targeting-healthcare-pharmaceutical-organizations/
-
Sector by sector: How data breaches are wrecking bottom lines
Data breaches are rising across industries, hitting healthcare, finance, and retail especially hard. The damage goes beyond lost data, as it’s financial, operational, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/14/data-breaches-costs/
-
WellSpan Redefines Healthcare With Copilot
AI Tool Streamlines Clinical Workflows at WellSpan With Microsoft’s Dragon Copilot. WellSpan Health deploys Dragon Copilot, blending voice dictation and ambient listening to ease clinician burnout. It streamlines tasks with generative AI as part of an ecosystem shift, offering hope amid high burnout rates and workforce shortages. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/wellspan-redefines-healthcare-copilot-a-27966
-
Is HR running your employee security training? Here’s why that’s not always the best idea
Tags: attack, awareness, best-practice, breach, business, ciso, communications, compliance, cyber, cybersecurity, data, finance, guide, healthcare, privacy, resilience, risk, security-incident, service, threat, training, vulnerabilityHR doesn’t have specialized security knowledge: Another limitation is that an organization’s security training can be a component in maintaining certain certifications, compliance, contractual agreements, and customer expectations, according to Hughes.”If that’s important to your organization, then security, IT, and compliance teams will know the subjects to cover and help guide in the importance of…
-
Industry Asks for Clarity on Proposed HIPAA Cybersecurity Rules
Healthcare and IT security practitioners worry that some of the proposed amendments are not practical for a sector that lacks resources and often uses legacy equipment. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/industry-asks-clarity-proposed-hipaa-rules
-
Lawsuit: Hospital Pharmacist Spied on Coworkers for a Decade
University of Maryland Medical Center Said FBI Is Also Investigating Case. An academic medical center is facing a class action lawsuit alleging one of its pharmacists installed keylogging software on 400 computers over a decade to spy on the personal lives and intimate moments of coworkers. The pharmacist is also facing a criminal investigation, the…
-
In the wake of DOGE cuts on cyber, why the healthcare industry must step up
First seen on scworld.com Jump to article: www.scworld.com/perspective/in-the-wake-of-the-doge-cuts-on-cyber-why-the-healthcare-industry-must-step-up
-
Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges
A Maryland pharmacist installed spyware on hundreds of computers at a major teaching hospital and recorded videos of staff over the course of a decade, a class-action lawsuit alleges. First seen on therecord.media Jump to article: therecord.media/maryland-pharmacist-keylogger-spying-lawsuit