Pitney Bowes says it was infected by file-encrypting malware that has affected online accounts and mailing products but that client data doesn't appear to be at risk. The postage meter maker says "all options" are being considered for recovery, meaning that it could pay a ransom.
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
The Food and Drug Administration has issued an alert warning healthcare organizations about 11 vulnerabilities dubbed "URGENT/11" involving IPnet, a third-party software component that may introduce risks for certain medical devices and hospital networks.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
Chinese advanced persistent threat groups are targeting cancer research organizations across the globe with the goal of stealing their work and using it to help the country address growing cancer rates among its population, according to researchers at cybersecurity company FireEye.
As the healthcare industry undergoes its own digital transformation, security is more important than ever. Okta's Nick Fisher says a zero trust model can keep hospitals and patients healthy when it comes to protecting their data.
DirectTrust, - known for creating and maintaining the Direct protocol and trust framework for secure email in healthcare - has kicked off a new initiative to develop industry standards for secure real-time instant messaging. What are the potential benefits?
Authentication vulnerabilities in certain GE Healthcare anesthesia devices could potentially allow remote attackers to meddle with the devices, researchers say. GE disputes some of the findings. Find out what other security experts have to say.
A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.
The traditional IAM strategy has been to tie individual users with a unique device. But that doesn't work in healthcare settings, where doctors and nurses often share multiple devices. Jigar Kadakia of Partners HealthCare talks about how he approaches this critical challenge.
Encouraged by the moves of medical device manufacturers, Jennings Aske, CISO of NY Presbyterian Hospital, says the "state of the union" of medical device security has improved dramatically. But what more is needed to mitigate risks?
In this session, HHS OCR provides an update on its latest HIPAA compliance and regulatory efforts - including possible modifications to the HIPAA rules. Then a panel of experts discusses:
Latest health data breach trends, including soaring hacker incidents;
The evolving regulatory climate and its impact on health...
What approaches are healthcare entities taking with their credentialing and IAM to better verify and manage the identities of patients, clinicians, researchers, vendors and others who want or need access to health and other critical data? Our panelists Cris Ewell, CISO at UW Medicine and Jigar Kadakia, CISO and chief...
Suzanne Schwartz, MD, Associate Director for Science and Strategic Partnerships, at the Food and Drug Administration's Center for Devices and Radiological Health, will provide an update on FDA's medical device cyber efforts. That includes the status of a draft update to the cybersecurity guidance for premarket...