DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the justifications...more
With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more
“Side-Channel” attacks generally refer to a type of criminal cyber attacker activity that exploits vulnerabilities so that the attacker can collect and analyze “leakage” of data from a device, as a means to identify certain...more
CYBERSECURITY - Joint CISA/FBI Alert on Vulnerability in Zoho ManageEngine ServiceDesk Plus - On December 6, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI)...more
CYBERSECURITY - GAO Report Identifies Need for DOE to Address Risks to Electrical Distribution System - The United States Government Accountability Office (GAO) recently completed and published a study on electricity...more
The CISA, FBI and HHS have issued an alert (https://us-cert.cisa.gov/ncas/alerts/aa20-302a) regarding an imminent threat to hospitals and health care providers. Federal agencies have credible information to suggest that a...more
Microsoft Issues Cybersecurity Risk Warning and Offers Help to Hospitals During COVID-19 Crisis - On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk...more
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
A reporter from the Philadelphia Inquirer discovered that sensitive data of hepatitis patients were accessible online through a Philadelphia Department of Public Health (DPH) website tool without the need for a password. The...more
For data security buffs like me, the recent McAfee® Labs Threats Report, December 2018 is, or should be, a top pick on the list. Well, maybe not for the holiday reading list. We need to be careful not to bring up the results...more