Among the simplest things that vendors can do to help improve the cybersecurity of their products is providing better transparency, especially regarding the third-party components contained in their technology, says Rob Suárez, CISO of medical device maker Becton Dickinson.
In a span of just days, two prominent congressmen who have long advanced cybersecurity at the federal level announced that they will not be seeking reelection in 2022. Reps. Jim Langevin, D-R.I., and John Katko, R-N.Y., will, however, pursue a cyber agenda throughout the remainder of their terms.
Attackers have been actively targeting Log4j vulnerabilities, or Log4Shell, vulnerabilities in the servers of virtualization solution VMware Horizon to establish persistent access via web shells, according to an alert by the U.K. National Health Service.
OpenSubtitles, a website providing free movie subtitles, confirmed to its users today that it had been hacked last August and the hacker had demanded a ransom to remain silent about the attack and to delete the leaked data. This data breach affected 6,783,158 users.
VPN Lab, known for its alleged wide use by ransomware threat actors, has been shut down. Fifteen servers associated with VPNLab.net were seized or disrupted based on multiple international investigations tying the VPN service provider to cybercrime operations, according to Europol.
JPMorgan Chase will earmark $12 billion for technological updates - including cloud migration, upgrading legacy architecture, data strategy, and emerging technologies. About half of this budget will go toward security modernization, while the other half will be invested into digital innovation.
Ransomware group ShinyHunters has published 700 GB of data stolen from Indian firm Aditya Birla Fashion and Retail on a dark web forum, says Troy Hunt of Have I Been Pwned. A source at the retailer, however, says that its threat intrusion and detection solutions have not shown signs of an attack.
Endpoint detection and response software news: The entity formerly known as McAfee Enterprise and FireEye Products has a new name: Trellix. Think of a "security trellis to businesses across the globe, giving them support they need to keep them safe," says CEO Bryan Palma. Will customers and prospects buy in?
Because healthcare IT environments are so complicated, it will become essential for all suppliers to provide and maintain a software bill of materials for their products to remain relevant, says Curt Miller of the Healthcare Supply Chain Association.
In 2022, there will be a push for identity management capabilities that are behind the scenes and built into processes, says Peter Tapling, a board member on the U.S. Faster Payments Council.
Federal regulators have released the final versions of the long-awaited Trusted Exchange Framework and Common Agreement, which provide a governance framework to promote secure, interoperable nationwide health information exchange - an effort that has been in the making for years.
Privacy regulators in Europe last year imposed known fines totaling more than $1.2 billion under the EU's General Data Protection Regulation, including two record-breaking sanctions, law firm DLA Piper finds. The total value of fines in 2021 was nearly a sevenfold increase from that seen in 2020.
A new threat group linked to China, dubbed "Earth Lusca" by researchers, is not only running cyberespionage campaigns against governments around the globe, but also seeking financial gain.
Over the past decade, many healthcare cybersecurity programs have evolved from "recovery" to "resilience." But Jon Moore of Clearwater says resilience is no longer sufficient against relentless attackers. He now promotes a philosophy that embraces "antifragility," including more and varied testing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.