Get notifications!

Coronavirus & Work From Home Security

With the outbreak of the novel coronavirus came shelter-in-place orders and the common sense desire to keep people away from potential virus hotspots. For hospitals, that's resulted in a very serious effort to move non-essential employees to a work-from-home model. 

Coronavirus, Telemedicine, and Security

With the outbreak of the novel coronavirus crisis, hackers smell blood in the water. Focused on addressing the crisis, already stretched super thin, and forced to improvise at each new turn, healthcare organizations in particular present an attractive target for hackers.

Ripple20: Why this Latest Bundle of Related CVEs Is Making Waves

Yesterday CISA released an advisory for nineteen previously unknown vulnerabilities affecting Treck's embedded TCP/IP stack (also known as a network stack). This disclosure was the result of some very meticulous and dedicated research on the part of ...

Five Nearly Universal Enterprise Information Security Best Practices

In the world of enterprise information security, the specific areas of knowledge and expertise that set you apart in your current situation might not be as directly and immediately applicable to a different IT environment or different professional circumstances. ...

Windows 7 EoL Has Arrived: Now What?

Although Microsoft officially ended mainstream support for Windows 7 back in January 2015, the company continued to release security patches and offer updates for an additional five years. As of January 14th 2020, that’s no longer the case.
Load Posts

Windows 7 EoL Has Arrived: Now What?

Although Microsoft officially ended mainstream support for Windows 7 back in January 2015, the company continued to release security patches and offer updates for an additional five years. As of...

Windows DejaBlue: Lookalike RDP Flaws Emerge Months After BlueKeep

On August 13, 2019 Microsoft utilized “Patch Tuesday” to release 36 new CVEs. Of those vulnerabilities, four stand out for their striking similarity to the BlueKeep vulnerability that sent shock...

Everything HDOs Need to Know About URGENT/11

On July 29th, 2019, eleven vulnerabilities affecting the “VxWorks” Real Time Operating System (RTOS) were publicly disclosed. Since these vulnerabilities were all reported by the same source and...

In Perspective: the Baltimore Hack Attack

The world is a dangerous place. Perhaps it’s always been that way. Nature is governed by evolutionary competition, politics take shape where interests and power meet, and economics are ruled by...

New Anesthesia Machine Vulnerability Disclosure Tells a Bigger Story

For the first time, on July 9, 2019, ICS-CERT disclosed a vulnerability specifically impacting anesthesia machines. If exploited, the vulnerability would allow an attacker to silence alarms, alter...

Why CVE-2019-5599, SACK Panic, Is Causing Headaches

On June 18, 2019, Netflix researchers, together with MITRE, issued an advisory containing four vulnerabilities relating to how Linux handles TCP Selective-Acknowledgement (SACK) at the kernel...

The BlueKeep Vulnerability Is Stalking Hospital Halls

On May 14, 2019, Microsoft published an advisory for a newly discovered remote code execution vulnerability. Given the identifier CVE-2019-0708, the vulnerability has been more popularly named...

5 Scary Real-Life Cyber-Attacks You Probably Never Heard About

It’s often said there’s a statistic to support any story you want to tell, a fact that’s borne out by the worrying increase in fake news, but some are repeated so often they’re worth listening to:

Endpoint Detection & Response: Key to Hospital Network Security

Spurred by competition, razor-thin operating margins, and government regulation, healthcare organizations are under immense pressure to quickly and regularly implement new technologies.

Cybersecurity 101: Medical Technology Edition

The world is changing; and while there may never have been a time when that statement was not true, it seems particularly true today. Change these days seems to be a lot more aggressive and...

Where Healthcare Management, Spectre and Meltdown Meet

It’s been a year since Spectre and Meltdown — the hardware vulnerabilities discovered collaboratively by Google’s Project Zero and others — went public. Those vulnerabilities rightly garnered...

MOST READ POSTS

MOST RECENT POSTS

POSTS BY TAGS


──────
Give a Little Love and It All Comes Back to You!

healthcare-industry-report