Truveta, a new big data collaborative research effort involving 14 U.S. healthcare providers, will share de-identified data on millions of patients in an effort to improve treatments through personalized medicine. But the project raises important privacy issues.
Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. More than ever, the onus is on potential victims to ensure they have essential defenses in place - and if possible, to proactively hunt for attackers who may already be inside their network.
Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies.
Microsoft has patched a critical vulnerability in Windows that can be exploited by tricking users to visit websites that use a malicious font. The flaw was found by Google's Project Zero bug-hunting team.
Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware has issued recommendations for patching the flaw.
In light of the global shortage of semiconductors, President Joe Biden signed an executive order Wednesday requiring a federal review of supply chain risks for these chips. Also to be reviewed: supply chain risks for information and communications technology and the pharmaceutical industry.
The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.
The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.
A California-based eye care provider – which also handles billing and other administrative services for a separate local surgery practice – says its online storage vendor was recently hit by hackers and paid a ransom for the return of patient data stolen from both entities.
A company's Wi-Fi network is an ever-present target for attackers, and the range of risks, particularly in an era of pervasive IoT, continues to grow. Tracie Thompson of HackHunter says rogue access can be difficult to locate and remove.
In an update on the investigation into the SolarWinds supply chain attack, Deputy National Security Adviser Anne Neuberger said the Biden administration is preparing "executive action" to address security shortcomings that have come to light.
Sen. Mark Warner, D-Va., is demanding more information from the FBI and the EPA about the Feb. 5 hacking of a water treatment facility in Oldsmar, Florida. Meanwhile, Sen. Marco Rubio, R-Fla., is requesting that the FBI provide "all assistance necessary" to the investigation.
A remote code vulnerability in the Android version of the file-sharing app SHAREit could allow hackers to tamper with the app's permissions, enabling them to steal sensitive data, reports security firm Trend Micro.
Mike Hamilton, founder and CISO of CI Security, followed an unusual path that led him to a career in cybersecurity. He says those who, like him, lack a formal education in security can build successful CISO careers.
French cybersecurity authorities are warning that widely used, open-source IT monitoring software called Centreon appears to have been hit by Russian hackers. But unlike the SolarWinds supply chain attack, in this campaign, attackers appear to have hacked outdated, unpatched versions of the software.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.