Tag: healthcare
-
Rethinking Risk: ICS OT Security with Purdue 2.0 and GRC
The rise of the extended Internet of Things (XIoT) across industrial (IIoT), healthcare (IoMT), commercial (OT, BMS/EMS/ACS/iBAS/FMS), and other sectors… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/rethinking-risk-ics-ot-security-with-purdue-2-0-and-grc/
-
How can I optimize costs while securing NHIs in cloud environments?
Are Cost Optimization and Security Identical Goals in Cloud Management? While cost optimization and robust security may appear to be odds with each other, an integrated approach that leverages Non-Human Identities (NHIs) can strike a perfect balance. From financial services to healthcare and travel, organizations operating in diverse sectors are realising the immense potential of……
-
AI Adoption For Cybersecurity Healthcare Poised For Surge
First seen on scworld.com Jump to article: www.scworld.com/brief/ai-adoption-for-cybersecurity-healthcare-poised-for-surge
-
Biggest Cyber Threats to the Healthcare Industry Today
Healthcare organizations must enhance their cybersecurity arsenal. Doing so can help them prevent financial, compliance, and reputational damage. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/biggest-cyber-threats-healthcare-industry-today
-
The most notorious and damaging ransomware of all time
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windowsConti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
-
CIOs and CISOs take on NIS2: Key challenges, security opportunities
Tags: access, cio, ciso, compliance, cybersecurity, data, GDPR, group, healthcare, ISO-27001, jobs, monitoring, nis-2, office, organized, privacy, regulation, risk, skills, software, strategy, supply-chain, technology, trainingCompliance will be easier for some: There are CIOs and CISOs who have found NIS2 compliance relatively easy: those who have worked toward ISO/IEC 27001:2022 certification, whether they remained in the preparation phase or actually got certified.Those who have the certification report having found themselves with “80% of the work done”: the company is ready…
-
Radiology Clinic, Hospital Among Latest Rural Cyber Victims
IT Outages Are Affecting Patient Services, NC Practice Is ‘Temporarily Closed’. A small North Carolina radiology practice and a 25-bed Pennsylvania hospital and are among the latest rural healthcare providers struggling to recover from recent cyberattacks that are disrupting their technology operations and affecting patient care services. How will this end up? First seen on…
-
FBI, CISA Raise Alarms As Medusa Ransomware Attacks Grow
Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/fbi-cisa-alarmed-medusa-ransomware-attacks-grow
-
Healthcare cybersecurity set for AI boom in 2025
First seen on scworld.com Jump to article: www.scworld.com/news/healthcare-cybersecurity-set-for-ai-boom-in-2025
-
The Case for Managed Security Services in Healthcare: Reducing Risk and Enhancing Patient Care
First seen on scworld.com Jump to article: www.scworld.com/perspective/the-case-for-managed-security-services-in-healthcare-reducing-risk-and-enhancing-patient-care
-
HealthTech Database Exposed 108GB Medical and Employment Records
A misconfigured database exposed 108.8 GB of sensitive data, including information on over 86,000 healthcare workers affiliated with… First seen on hackread.com Jump to article: hackread.com/healthtech-database-exposed-medical-employment-records/
-
ICYMI: Interesting Things We Learned at the HIMSS 2025 Conference
We had a good time talking to folks last week in our ColorTokens booth at the Healthcare Information and Management Systems Society conference in Las Vegas. The crowd was plentiful and engaged at the Venetian Convention Center and Ceasar’s Forum. Perhaps even more interesting than the keynote addresses and the latest-and-greatest information from the vendor……
-
Medusa ransomware slams critical infrastructure organizations
The ransomware-as-service gang tallied more than 300 victims in industries such as healthcare, manufacturing and technology. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/medusa-ransomware-slams-critical-infrastructure-organizations/742428/
-
86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration
A non-password-protected database belonging to ESHYFT, a New Jersey-based HealthTech company, was recently discovered by cybersecurity researcher Jeremiah Fowler. The database contained over 86,000 records, amounting to 108.8 GB of sensitive information. This data breach, while not attributed to intentional malice, highlights the critical need for robust cybersecurity measures in the healthcare sector. Background of…
-
Breaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key
Tags: access, authentication, cloud, compliance, control, credentials, data, defense, encryption, fido, framework, government, healthcare, identity, infrastructure, mobile, nfc, password, phishing, regulation, service, software, strategy, technology, windowsBreaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key madhav Thu, 03/13/2025 – 06:46 As large organizations increasingly shift towards passwordless solutions, the benefits are clear: enhanced user experience, improved security, and significant cost savings. The FIDO (Fast Identity Online) standard has emerged as the gold standard…
-
Abu Dhabi Guidelines Offer Blueprint for Cybersecurity in Health
Following increasing attacks on healthcare organizations, the United Arab Emirates has refined its regulatory strategy for improving cybersecurity in healthcare. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/abu-dhabi-guidelines-offer-blueprint-cybersecurity-health
-
Smashing Security podcast #408: A gag order backfires, and a snail mail ransom demand
What happens when a healthcare giant’s legal threats ignite a Streisand Effect wildfire”¦ while a ransomware gang appears to ditch the dark web for postage stamps? First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-408/
-
$405 Million Forfeited: Texas Pharmacist’s Fraudulent Compound Cream Scheme Exposes Vulnerabilities in Healthcare Systems
A Texas pharmacist, Dehshid “David” Nourian, 62, of Plano, has been sentenced to 17 years and six months First seen on securityonline.info Jump to article: securityonline.info/405-million-forfeited-texas-pharmacists-fraudulent-compound-cream-scheme-exposes-vulnerabilities-in-healthcare-systems/
-
Separate US healthcare breaches impact over 560K
First seen on scworld.com Jump to article: www.scworld.com/brief/separate-us-healthcare-breaches-impact-over-560k
-
HHS Investigators Get New Mission Under Trump: Root Out DEI
Stretched Agency Must Balance HIPAA Enforcement With Policing DEI in Healthcare. HHS investigators charged with protecting the civil rights and privacy of patients are now assigned to finding and stamping out diversity, equity and inclusion programs at universities and hospitals, with DEI now deemed discriminatory under the Trump administration. First seen on govinfosecurity.com Jump to…
-
15 Prozent der PCs im Gesundheitswesen fallen beim Security-Test durch
Die Studie »Resilience Obstacles in the Healthcare Industry« untersuchte die Telemetriedaten von über einer Million im Gesundheitswesen eingesetzten PCs. Dabei fanden die Analysten von Absolute Security heraus, dass den Endgeräten viel zu oft stabile Sicherheitsstrukturen fehlen, was Cyberkriminellen buchstäblich Tür und Tor zu den Infrastrukturen im Healthcare-Bereich öffnet. Warum ist das so? Die Resilienz-Studie… First…
-
Rhysida Hacking Group Strikes More Healthcare Providers
Mental Health Provider, Kansas Clinics Are Latest Victims of Cybercriminal Gang. A Kansas-based medical practice and a Rhode lsland-based provider of mental health and addiction counseling and related services are the latest victims in a growing list of healthcare organizations reporting major data breaches by cybercriminal gang Rhysida. First seen on govinfosecurity.com Jump to article:…
-
How can I secure NHIs during rapid deployment cycles?
Are Your Machine Identities Adequately Protected During Rapid Deployment Cycles? Organizations across industries are leveraging the unprecedented benefits of the cloud. Financial services, healthcare, travel, and tech-driven sectors like DevOps and SOC teams are especially invested. However, this adoption isn’t without its unique set of challenges. One pertinent question is, how can organizations secure Non-Human……
-
Kansas healthcare provider says more than 220,000 impacted by cyberattack
Sunflower Medical Group said it initially discovered the breach on January 7 and hired a cybersecurity firm to investigate before it was discovered the hackers had been inside their systems since mid-December. First seen on therecord.media Jump to article: therecord.media/kansas-healthcare-provider-data-breach
-
Rhysida pwns two US healthcare orgs, extracts over 300K patients’ data
Terabytes of sensitive info remain available for download First seen on theregister.com Jump to article: www.theregister.com/2025/03/10/rhysida_healthcare/
-
RansomHouse gang claims the hack of the Loretto Hospital in Chicago
Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.
-
560,000 People Impacted Across Four Healthcare Data Breaches
Several healthcare organizations in different US states have disclosed data breaches affecting 100,000-200,000 individuals. The post 560,000 People Impacted Across Four Healthcare Data Breaches appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/560000-people-impacted-across-four-healthcare-data-breaches/
-
Are Efforts to Help Secure Rural Hospitals Doing Any Good?
Biden-Era Cyber Aid Programs Are Still Available, But Future is Uncertain. Even though rural hospitals and other small healthcare providers don’t have deep pockets, cybercriminals continue to target them with ransomware, often causing serious disruption and compromises affecting large swaths of patients. What can be done to help them strengthen cybersecurity? First seen on govinfosecurity.com…
-
How AI in Healthcare Can Speed Up Cyber Response
Artificial intelligence-based tools are among the most promising advancing technologies for healthcare sector organizations to help to address cybersecurity resource shortages, said Chris Tyberg, CISO of medical device and consumer health product manufacturer Abbott. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/how-ai-in-healthcare-speed-up-cyber-response-i-5463