Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.
Cutting kernel mode dependencies and adopting safe deployment practices will make endpoint systems more resilient and secure for Windows customers. Tuesday's meeting came two months after a faulty CrowdStrike update disrupted 8.5 million Windows machines and caused $5.4 billion in direct losses.
Rural and small hospitals and other healthcare providers often complain that a lack of resources is a major factor stunting their cybersecurity maturity. But even when offered free or discounted cyber assistance, many of these organizations aren't signing up.
This week, cyberthreats rising in Mexico; FBI warned of BEC scams; U.K. police arrested hacking suspect; Avis, Slim CD, Medicare and Fortinet disclosed breaches; Highline public schools reopened after cyberattack; a critical flaw was found in WHOIS; and Konni upped attacks on Russia, South Korea.
An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.
ColorTokens purchased PureID, expanding its zero trust framework with identity-based segmentation for cloud and hybrid environments. The acquisition focuses on securing cloud applications, microservices and APIs through advanced identity-based authentication.
Hellman & Friedman has met with several investments banks in recent weeks and will choose one to run the sale process for Paramus, New Jersey-based Checkmarx, in which it hopes to get at least $2.5 billion, Calcalist reported. The private equity firm bought Checkmarx for $1.15 billion in April 2020.
Healthcare organizations often face obstacles in sharing cybersecurity information. Phil Englert and Errol Weiss from Health-ISAC advocate for shifting the focus from legal risks to business risks, improving incident response and building resilience through collaboration and transparency.
Operators behind a mysterious botnet named for a TCP routing port number are expanding the universe of targeted devices and taking steps to hide their infrastructure, warn Sekoia researchers. The 7777 - or Quad7 - botnet appears to have emerged in 2023.
Cybersecurity firm CrowdStrike has yet to see any lawsuits get filed against it by customers, following its July 19 faulty software update crashing systems worldwide. Does that speak to the company having run a well-executed crisis management strategy?
Progress Software released an urgent patch Thursday to fix a critical vulnerability that hackers could exploit to launch remote attacks. The company is no stranger to urgent patching. It was at the center of a Memorial Day 2023 mass hacking incident.
Darktrace has promoted COO Jill Popelka to CEO, replacing long-time leader Poppy Gustafsson. As the cybersecurity AI vendor prepares to finalize its sale to Thoma Bravo, Popelka will steer Darktrace into its next phase of growth. Gustafsson will join the board as a non-executive director.
A Louisiana-based ambulance company that provides emergency medical care services in four states is notifying nearly 3 million people that their sensitive health information was potentially stolen in a June hack. Ransomware gang Daixin claims to have published the data on its dark web leak site.
The global disruption caused by a faulty CrowdStrike software triggering a kernel panic and computer meltdowns has led government agencies, experts and vendors to call for rethinking Windows operating system resiliency, including the deep-level OS access security tools now require.
In the latest weekly update, ISMG editors discussed the implications of the recent arrest of Telegram's CEO in Paris for encrypted messaging services, the transformative impact of artificial intelligence in cybersecurity, and the latest regulations designed to curb fraud in electronic payments.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.