The process of patch management in modern healthcare is often met with a variety of obstacles. From budget constraints, to IT teams being overworked and understaffed, to limited detection capabilities and alert fatigue, security teams often do not have the resources to take on such a time-consuming task.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
SK Telecom, South Korea’s largest mobile network operator, warns about a malware attack that leaked sensitive USIM data, exposing subscribers to potential SIM swaps and surveillance.
A new report from Google's Threat Intelligence Group (GTIG) finds that 75 zero-days were exploited in the wild last year, with a little over half involving spyware.
Marks & Spencer shut down its systems after experiencing an apparent ransomware cyber incident that disrupted order collections and contactless payment.
A recent survey by the SANS Research Program showed 58% of respondents identified IT compromises as a leading initial attack vector for ICS/OT incidents. This reflects the increasingly interconnected nature of IT and OT environments and highlights the risks associated with this convergence.
A major data breach at health insurance giant Blue Shield of California appears to be a case of misconfiguring advertising analytics tools. Between April 2021 and January 2024, Google Analytics was misconfigured causing some personal information and potentially sensitive health data related to claims and searches to be available to Google’s ad network.
The 18th installment of the DBIR surveyed 22,052 total cyber attacks logged by Verizon's internal threat research team, over half of which (12,195) involved confirmed data breaches. Credential abuse continues in the lead at 22%. Exploitation of vulnerabilities is now up to 20%, followed by phishing at 16%.
CISA warns about heightened security risks from the alleged Oracle Cloud credential leak affecting about 140,000 tenants and advises organizations to apply recommended mitigations.
The Medusa ransomware gang is claiming responsibility for an alleged NASCAR data breach that allegedly leaked one terabyte of data.
Car rental giant Hertz Corporation has confirmed a data breach stemming from the Cleo managed file sharing platform's zero-day vulnerabilities that have affected nearly 100 organizations.










