Advanced, a critical software and services vendor to the U.K.'s National Health Service, confirms a ransomware attack by "financially motivated" threat actors is behind an IT outage that is still disrupting various NHS services, including 111. Some disruptions could last for weeks, the company says.
Black Hat USA 2022 opened with somber warnings from Chris Krebs about why application developers, vendors and the government need to solve major industry challenges. Key security executives also discussed DNS visibility, cloud security, patch management, APT strategies and supply chain woes.
It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
As the U.K.'s National Health Service continues to deal with the impact of a cyberattack on one of its critical IT suppliers, the situation underscores the risks posed by vendors - and the need to have business continuity plans ready to deploy.
The U.K.'s National Health Service is experiencing IT outages resulting from a cyberattack on a third-party vendor. Birmingham-based technology provider Advanced's Adastra system supplies digital services for urgent healthcare services number 111.
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
Health insurer Aetna ACE reported to federal regulators a health data breach affecting nearly 326,000 individuals tied to an apparent ransomware incident involving OneTouchPoint, a subcontractor that provides printing and mailing services to one of the insurer's vendors.
A Florida operator of urgent care clinics recently reported to federal regulators a health data breach affecting more than 258,000 individuals tied to a vendor's ransomware attack in May 2021. Why did it take so long to determine that the incident resulted in breach of protected health information?
Two hacking incidents involving vendors providing important IT-related and other services to dozens of covered entity clients are among the latest breaches affecting hundreds of thousands of individuals' data and show how mounting reliance on third parties creates increased risk to patient data.
Did you know that even though organizations recognize third-party threats expose them to great risk, many fail to take adequate measures to mitigate it? The report identifies four major themes:
How today’s organizations constantly exchange confidential information with third parties and why this exposes both sides...
Another proposed federal class action lawsuit alleges Facebook uses its Pixel tracking tool to collect millions of individuals' sensitive health data from healthcare provider websites without patients' knowledge or consent. HIPAA prohibits the use of PHI for marketing purposes without consent.
Federal regulators say credit unions should report cyber incidents within 72 hours, including those experienced by third-party vendors that process member data. Just five deposit, payment, and data processing service companies dominate the credit union market.
Researchers at BitSight say a common GPS tracker used in fleet management by organizations around the globe could be used by hackers to abruptly stop vehicles on highways or disable a car for ransom. Chinese manufacturer MiCODUS hasn't responded to researchers or U.S. officials.
Monsoon season in India can result in extreme rainfall but a ransomware attack in the southwestern state of Goa is preventing state authorities from obtaining data from flood monitors located on major rivers. The attack appears to have been made with a variant of Phobos ransomware.
The access landscape has changed. The traditional perimeters are dissolving, and as organizations move to a decentralized workforce and network architecture (including servers, data centers, access points, and more), what was previously safe behind a network wall is no longer protected.
Download this whitepaper to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.