Tag: healthcare
-
Trizetto Notifying 3.4M of 2024 Hack Detected in 2025
Compromise Affects Healthcare Clients of Co.’s Revenue Cycle Management Services. Billing services vendor Trizetto Provider Solutions is notifying 3.4 million individuals of a hacking incident discovered in October 2025 that investigators have now determined started nearly a year earlier, when threat actors accessed the company’s healthcare clients’ insurance related data. First seen on govinfosecurity.com Jump…
-
HHS updates a free risk tool to help hospitals size up their cybersecurity exposure
HHS has updated its free RISC 2.0 toolkit with a new cybersecurity module, asking hospitals to assess digital threats alongside hurricanes, power failures and other hazards. First seen on cyberscoop.com Jump to article: cyberscoop.com/hhs-aspr-cybersecurity-risc-toolkit-update/
-
Invisible Lifelines: DCIM Empowers Healthcare Teams
Hospital system downtime puts patient lives at immediate risk. Every second of network failure delays critical care and halts emergency operations. Data Center Infrastructure Management (DCIM) software stops these dangerous outages before they happen. Healthcare teams rely on DCIM tools to monitor infrastructure health, predict system failures, and secure vital patient records. Real-time visibility into…
-
Invisible Lifelines: DCIM Empowers Healthcare Teams
Hospital system downtime puts patient lives at immediate risk. Every second of network failure delays critical care and halts emergency operations. Data Center Infrastructure Management (DCIM) software stops these dangerous outages before they happen. Healthcare teams rely on DCIM tools to monitor infrastructure health, predict system failures, and secure vital patient records. Real-time visibility into…
-
Should Cloud Be Classed as Critical Infrastructure?
Tags: access, authentication, banking, breach, business, cloud, compliance, computing, container, control, cyber, cybersecurity, data, dora, encryption, fido, finance, framework, governance, Hardware, healthcare, identity, incident, infrastructure, mfa, network, nis-2, radius, regulation, resilience, risk, saas, service, strategy, supply-chain, technologyShould Cloud Be Classed as Critical Infrastructure? madhav Thu, 03/05/2026 – 09:53 Over the past few years, large-scale cloud outages have demonstrated just how deeply digital services are woven into the fabric of modern society. When widely used cloud platforms experience disruption, the impact extends far beyond individual applications; banking services stall, transport systems falter,…
-
Police dismantle major phishing platform blamed for attacks on hospitals and schools
International law enforcement agencies have dismantled a major phishing-as-a-service platform used to target hundreds of thousands of accounts worldwide, including those tied to hospitals and schools, Europol said Wednesday. First seen on therecord.media Jump to article: therecord.media/police-dismantle-tycoon-2fa-phishing-platform
-
Iranian cyberattacks fail to materialize but threat remains acute
Tags: ai, application-security, attack, ceo, control, country, cyber, cyberattack, cybercrime, cybersecurity, defense, endpoint, finance, government, group, healthcare, infrastructure, intelligence, Internet, iran, malware, mfa, monitoring, phishing, risk, service, supply-chain, technology, threat, tool, update, vpnTargeting and response: According to Adrian Cheek, a senior cybercrime researcher at Canadian threat intelligence company Flare, the most at-risk sectors are critical infrastructure, including the defense and government supply chain, financial services, energy, and healthcare.”Water, energy, and healthcare sectors are currently the most exposed. These sectors combine high targeting priority with weak baseline security,…
-
Groups Push Back on HHS’ Proposed Health IT Rollbacks
CHIME, AHA, Others Contend Privacy, Security Burden Would Shift to Providers. Proposals to eliminate certain longstanding health IT certification criteria – including privacy and security related controls – will shift regulatory burden from health IT developers to healthcare providers, some industry groups contend in their public response to proposed federal rulemaking. First seen on govinfosecurity.com…
-
One Foothold, 25 Million Victims: The Risk Inside Modern Breaches
In last month’s reporting cycle, we saw one of the largest healthcare data breaches in U.S. history, ransomware groups tied to North Korea targeting hospitals, and firewall vulnerabilities that allowed attackers to create rogue administrative accounts almost instantly. Taken together, these incidents raise a more important question than who was hit. They force us to……
-
Healthcare organizations are accepting cyber risk to cut costs
Healthcare organizations are cutting cybersecurity budgets under financial pressure even as the threats targeting their systems intensify. A PwC survey of 381 global … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/03/pwc-healthcare-cybersecurity-threats-2026/
-
How safe are Non-Human Identities from cyber threats
Why Are Non-Human Identities Crucial in Combating Cyber Threats? Have you ever considered the importance of Non-Human Identities (NHIs)? Protecting these machine identities has become as critical as safeguarding human credentials, particularly with the rise of automation and cloud computing. NHIs serve as the backbone of authentication processes in various industries, including financial services, healthcare,……
-
How does AI contribute to cybersecurity stability
Is AI the Key to Cybersecurity Stability? Where digital threats are becoming increasingly sophisticated, one might ask: can artificial intelligence be the linchpin in fortifying our defenses and achieving cybersecurity stability? With industries like financial services, healthcare, travel, and technology double down on using innovative systems, including DevOps and security operations centers (SOC), it becomes……
-
Iran Conflict Elevates Cyber Risk for Healthcare
Tags: attack, country, cyber, cyberattack, ddos, healthcare, Internet, iran, military, ransomware, riskExperts Warn of DDoS, Ransomware, Proxy And Other Attacks on Health Sector. The escalating conflict emerging from the U.S. and Israel military strikes this weekend on Iran, which killed the country’s top leadership and crippled its internet connectivity, could erupt into cyberattacks against the healthcare sector by Iranian sympathizers and proxies, experts warn. First seen…
-
Cyberattacks on Hospitals Cost Lives. Here’s How to Fight Back at Machine Speed.
Healthcare is the most targeted industry for cyberattacks, and ransomware-related delays in care have been linked to patient deaths. D3 Morpheus gives healthcare SOC teams an AI-autonomous platform that correlates alerts across the entire security stack, identifies ransomware kill chains in progress, and produces the audit-ready evidence trail that HIPAA and HITECH demand. First seen…
-
Senate Health Cyber Bill Clears Committee Hurdle
Bipartisan Bill Would Mandate Multifactor Authentication, Pen Testing. Proposed legislation that’s been kicking around Congress for the last few years that aims to help bolster cybersecurity of the healthcare sector cleared a critical hurdle on Thursday. But will the bill gain enough momentum to pass the full Senate, the House and be signed into law?…
-
Life Mirrors Art: Ransomware Hits Hospitals on TV & IRL
HBO’s The Pitt is showing audiences what a real Mississippi healthcare system is going through this week, thanks to a ransomware attack. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/ransomware-hospitals-tv-irl
-
Suspected Nork digital intruders caught breaking into US healthcare, education orgs
Who is knocking at the Dohdoor? First seen on theregister.com Jump to article: www.theregister.com/2026/02/27/suspected_nork_digital_intruders_caught/
-
HHS Warns of Threats to Electronic Health Records
Urges Entities to Take a ‘Proactive’ Approach to Safeguard Patient Records. Healthcare entities should implement a proactive preparedness approach for protecting their electronic health record systems, which are an increasingly attractive target for cyberattacks and other breaches, federal authorities warn. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hhs-warns-threats-to-electronic-health-records-a-30878
-
Why application security must start at the load balancer
Tags: application-security, attack, authentication, breach, business, compliance, control, credentials, defense, detection, encryption, exploit, finance, guide, healthcare, identity, incident response, infrastructure, Internet, nist, risk, service, technology, threat, tool, waf, zero-trustInternet traffic hits the load balancerThe load balancer forwards traffic as fast as possibleSecurity happens laterThe problem is simple. If the first system doesn’t enforce trust, everything behind it is already compromised by design. Example 1: Financial services: The team invested heavily in downstream security tools. But the load balancer accepted weak TLS versions and…
-
Dohdoor Malware Targets U.S. Schools and Healthcare with Multi-Stage Attack
A new backdoor dubbed Dohdoor is actively targeting schools and health care organizations in the United States through a stealthy multi-stage attack chain. UAT-10027 focuses on education and health care entities in the U.S., sectors that handle highly sensitive personal and medical data but often have limited security budgets and legacy systems. Cisco Talos assesses with low…
-
How smart are NHIs in managing complex security environments
How Do Non-Human Identities (NHIs) Enhance Security in Complex Digital Environments? Have you ever considered how machine identities, known as Non-Human Identities (NHIs), revolutionize cybersecurity? Understanding and managing NHIs can be critical in safeguarding complex security environments. From finance to healthcare and travel, professionals face significant challenges when orchestrating a secure, cloud-based infrastructure. Let’s delve……
-
HHS Seeks Sector Input on AI for Fighting Healthcare Fraud
Request for Information Is Part of a Broader Medicare, Medicaid Fraud ‘Crackdown’. The U.S. Department of Health and Human Services will use advanced AI tools to more quickly detect Medicare and Medicaid fraud before scam claims are paid. As part of the major crackdown on healthcare fraud, HHS is also seeking public input on AI…
-
UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor
UAT-10027 campaign is targeting U.S. education and healthcare sectors to deploy a new Dohdoor backdoor. Cisco Talos has identified a new threat cluster, tracked as UAT-10027, targeting U.S. education and healthcare organizations since at least December 2025 to deploy a previously unseen backdoor named Dohdoor. Initial access likely occurs through phishing, triggering a PowerShell script…
-
The “Analog Panic Button”: What The Pitt Gets Right (and Wrong) About Hospital Cyber Resilience
When ransomware hits a hospital, shutting everything down isn’t resilience. Learn how healthcare CISOs prevent hospital-wide outages with identity security, network segmentation validation, and CTEM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-analog-panic-button-what-the-pitt-gets-right-and-wrong-about-hospital-cyber-resilience/
-
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025.The campaign is being tracked by Cisco Talos under the moniker UAT-10027. The end goal of the attacks is to deliver a never-before-seen backdoor codenamed Dohdoor.”Dohdoor utilizes the DNS-over-HTTPS…
-
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025.The campaign is being tracked by Cisco Talos under the moniker UAT-10027. The end goal of the attacks is to deliver a never-before-seen backdoor codenamed Dohdoor.”Dohdoor utilizes the DNS-over-HTTPS…
-
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025.The campaign is being tracked by Cisco Talos under the moniker UAT-10027. The end goal of the attacks is to deliver a never-before-seen backdoor codenamed Dohdoor.”Dohdoor utilizes the DNS-over-HTTPS…
-
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025.The campaign is being tracked by Cisco Talos under the moniker UAT-10027. The end goal of the attacks is to deliver a never-before-seen backdoor codenamed Dohdoor.”Dohdoor utilizes the DNS-over-HTTPS…
-
KLAS Research zeichnet Claroty als Top-Performer im Bereich Healthcare-IoT-Sicherheit aus
Claroty wurde vom renommierten Healthcare-Analyseunternehmen KLAS Research als Top-Performer für IoT-Sicherheit im Gesundheitswesen ausgezeichnet. In dem Report ‘2026 Best in KLAS Awards: Software and Services Report” erhielt der Spezialist für die Sicherheit cyberphysischer Systeme eine Gesamtbewertung von 92,5 von 100 Punkten. Diese basiert auf Kundenbewertungen von 35 verschiedenen Gesundheitseinrichtungen und spiegelt so die Erfahrungen im…
-
5 trends that should top CISO’s RSA 2026 agendas
Tags: access, ai, attack, authentication, backup, business, cio, ciso, cloud, conference, control, corporate, cryptography, cyber, cybersecurity, data, defense, detection, edr, finance, framework, governance, group, healthcare, identity, incident response, intelligence, network, okta, resilience, risk, saas, service, skills, software, strategy, tactics, technology, threat, tool, training, update, vulnerability, zero-trustCTEM in the spotlight: In another evolutionary trend, most organizations are moving beyond scanning for software snafus to continuous threat exposure management (CTEM). By doing so, security teams hope to get a full picture of all assets, as well as their configurations, locations, software vulnerabilities, ownership, and business criticality.Armed with this data, CTEM platforms look…