DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
The Ankura Cyber Threat Investigations and Expert Services (CTIX) FLASH Wrap-Up is a collection of high-level cyber intelligence summaries pertaining to current or emerging cyber events in December 2023, originally published...more
With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more
On November 17, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released a supplemental mitigation guide for the healthcare and public health sector to the Cyber Risk Summary for those sectors published on...more
In the hyper-connected era of smart manufacturing, accelerated by “Industry 4.0,” the manufacturing sector is undergoing a digital revolution. By leveraging technologies such as advanced automation, artificial intelligence,...more
Key Points: Illumina DNA sequencing machines are vulnerable to exploitation. Both the Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have published advisories urging all...more
Cybersecurity is a top concern for all industries, particularly for the pharmaceutical and medical device industries. These industries hold some of the most sensitive data and highly valuable technology, making them prime...more
The U.S. Food and Drug Administration (FDA or the Agency) has issued guidance concerning cybersecurity requirements for certain medical device premarket submissions (the Guidance). The Guidance outlines the implementation of...more
ALERT: Recent guidance from the Food and Drug Administration (“FDA”) clarifies a procedural issue for premarket submissions related to cybersecurity of medical devices and emphasizes the importance of collaboration between...more
New SEO Poisoning Campaign Utilizing "Gootkit" Malware Loader Targets the Australian Healthcare Sector - The operators of the "Gootkit" malware loader (otherwise known as "Gootloader") have started a new search engine...more
CYBERSECURITY - Nineteen States Have Banned TikTok on Government-Issued Devices - Governors of numerous states have issued Executive Orders in the past several weeks banning TikTok from government-issued devices and...more
The federal government has implemented a program in which each household can order four free COVID-19 test kits through the United States Postal Service (USPS). This is a perfect opportunity for scammers to spoof the USPS...more
“Side-Channel” attacks generally refer to a type of criminal cyber attacker activity that exploits vulnerabilities so that the attacker can collect and analyze “leakage” of data from a device, as a means to identify certain...more
The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information on a new variant of ransomware called Venus (also known as GOODGAME)....more
Report on Patient Privacy Volume 22, Number 11. November 2022 - The second largest nonprofit hospital chain in the U.S. has been grappling with an Oct. 3 cybersecurity incident that affected facilities across the country,...more
The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning organizations, particularly those in the health care and public health...more
The FBI issued a Private Industry Notification targeted to the health care sector on September 12, 2022, warning that it has “identified an increasing number of vulnerabilities posed by unpatched medical devices that run on...more
The FDA has been continuing to work on protecting medical devices from the threats of cybersecurity. In April of this year, the Agency released the latest draft guidance addressing cybersecurity in the medical device...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
As if health care entities don’t have enough to worry about during this chaotic and difficult time in the pandemic, a new report released by Cynerio, entitled “The State of IoMT Device Security 2022,” provides a list of...more
ECRI has been publishing its annual report of health technology hazards for the past 15 years. According to ECRI’s Device Evaluation group, “the Top 10 Health Technology Hazards list identifies the potential sources of danger...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the California attorney general's draft regulations on the California Consumer Privacy Act, the CJEU's clarified rulings on the use of cookies, the...more
In an effort to phase out what many in the security world believe are threats to the cybersecurity posture of governmental agencies and private entities alike, John Quinn, the Chief Information Officer of the State of...more
The U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Team (US-CERT) recently issued an advisory outlining three vulnerabilities of Drager Infinity Delta patient monitoring devices....more