Ransomware-wielding attackers continue to pummel organizations. But labeling these as being just ransomware attacks often misses how much these incidents involve serious network intrusions, exfiltration of extensive amounts of data, data leaks and, as a result, reportable data breaches.
A lawsuit filed against a small Georgia hospital by four of its nurses who allege the facility "schemed to manufacture false negative COVID-19 test results" for several patients who previously tested positive is shining a light on delicate issues involving whistleblowers and the privacy of patient records.
The Maze ransomware gang is continuing to exfiltrate data from victims before crypto-locking their systems, then leaking the data to try to force non-payers to accede to its ransom demands. Don't want to play ransomware gangs' latest games? The only way to opt out is by planning ahead.
How big is the step from humans using drones to kill other humans to building lethal autonomous weapons systems that can kill on their own? Ethically and technologically, that's a huge leap. But military planners are working to build what some call "killer robots." And the UN wants them banned.
How have the cybersecurity challenges facing healthcare organizations changed during the COVID-19 pandemic? And how are organizations responding? Information Security Media Group's Healthcare Cybersecurity Virtual Summit, to be held on June 9 and replayed June 10 and 11, will provide insights.
The American Medical Association has issued a set of privacy principles for health data that it hopes Congress and regulators will keep in mind as they prepare legislation and regulations. In an interview, AMA Board Chair Jesse Ehrenfeld, M.D., describes the recommendations.
Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Despite the need to battle COVID-19, several nations' in-development digital contact-tracing apps are already dogged by security and privacy concerns. Whether enough users will ever trust these apps to make them effective remains a major question. Is it too late to get more projects back on track?
Can you "big tech" a way out of a pandemic? Many governments around the world are trying, and Australia is joining the herd with a contact tracing app. But Australia has a splotchy record of large government tech projects, including in health, that may result in low voluntary adoption of an app.
An emerging technology, Vvendor Privileged Access Management (VPAM) can provide both operational efficiencies and increased security in your projected ROI analysis. And that is a rare combination in InfoSec these days.
To help deal with the coronavirus outbreak, healthcare providers are examining how to implement or expand the use of telehealth services to remotely evaluate and care for patients. But these providers need to carefully consider privacy and security issues as they work to quickly offer these services.
Time for a fresh edition of "learn from how others get breached" focusing on Equifax. The goal is not blame, but rather to highlight specific missteps so others can avoid making the same mistakes. The Equifax breach offers a plethora of takeaways to help organizations better repel attackers.