Healthy InfoSec

By don kasprzak | Cybersecurity across healthcare

Why targeted phishing is the most dangerous fraud businesses face today

You’ve heard the rap – Bitcoin, overpriced stocks, Ponzi schemes – there’s always a new “get rich quick” strategy out there, but most successful …

Cybersecurity

5 obstacles that stand in the way of data security

Frequent cyberattacks are a grim reality of our tech-savvy society. The healthcare industry is particularly vulnerable to these attacks, in light of …

Cybersecurity

Why IT support is crucial in a value-based care era

The effectiveness of IT support organizations—from application help desks to clinical service desks—were once gauged narrowly by their return on …

Innovation

Triple-S Advantage discloses PHI breach resulting from mailing error

Triple-S Advantage, the Blue Cross Blue Shield licensee in Puerto Rico, has run afoul of privacy and security regulations after mailing a large …

IT

Colorado proposes requiring data breaches to be reported in 30 days

The Colorado legislature is considering a bill to drastically improve the state’s privacy and data security law, including giving organizations just …

Health Care Technology

NIST looks to demystify blockchain, assesses its potential for healthcare

According to Gartner's famous Hype Cycle, blockchain technology has already begun its precipitous slide into the trough of disillusionment, with five …

Blockchain

Top 10 Malware January 2018

<b>Kovter</b> is a Trojan, which has been observed acting as click fraud malware or a ransomware downloader. It is disseminated via malspam email …

Yahoo

Null Character Bug Lets Malware Bypass Windows 10 Anti-Malware Scan Interface

Malware that embeds a null character in its code can bypass security scans performed by the Anti-Malware Scan Interface (AMSI) on Windows 10 …

Information Security

36K Notified of Potential Healthcare Data Breach from Mailing Error

February 15, 2018 - A mailing error has led to a potential healthcare data breach for Triple-S Advantage (Triple-S) members, according to an online …

Identity Theft

Filefax PHI Disclosure Leads to $100K OCR HIPAA Settlement

Filefax, Inc. went out of business in 2017, but that does not mean that an OCR HIPAA settlement can be avoided due to an earlier PHI disclosure, …

IT

Hospital Data Breaches Most Common, Affect the Most Patients

Hospital data breaches accounted for approximately 30 percent of large data security incidents reported to OCR from 2009 to 2016, according to a …

Cybersecurity

The Difference Between Healthcare Data Encryption, De-identification

As healthcare organizations invest in the latest technological advances for cost savings and better patient care, cybersecurity measures must also be …

Information Systems

How the FTC Act, HIPAA Privacy Rule Impact Healthcare Orgs

February 19, 2018 - Collecting and sharing consumer health information is fairly standard practice for covered entities and their business …

Privacy

Medical devices pose security nightmare, researchers say

Though recent years have brought life-changing advances in medical equipment, researchers say that increasing risks posed by cyber-attacks can put …

Cybersecurity

Why Some Entities Pay Extortionists to Unlock Patient Data

Law enforcement officials strongly advise against paying ransoms to extortionists after a ransomware attack. Nevertheless, some healthcare entities …

Cybersecurity

Locking Down PowerShell To Foil Attackers: 3 Essentials

Microsoft Taps Machine Learning To Better Combat Fileless Malware Jeremy Kirk (jeremy_kirk) • February 19, 2018<p>Microsoft's PowerShell scripting …

Machine Learning

National Checklist Program for IT Products--Guidelines for Checklist Users and Developers

<b>Published:</b> February 15, 2018<p>Author(s)<p>Stephen D. Quinn, Murugiah P. Souppaya, Melanie Cook, Karen A. Scarfone<p>Abstract<p>A security configuration …

Project Management

SCAP 1.3 Component Specification Version Updates: An Annex to NIST Special Publication 800-126 Revision 3

<b>Published:</b> February 14, 2018<p>Author(s)<p>Harold Booth, David A. Waltermire, Mark L. Badger, Melanie Cook, Stephen D. Quinn, Karen Scarfone<p>Abstract<p>The …

Information Security

The Technical Specification for the Security Content Automation Protocol (SCAP) Version 1.3

<b>Published:</b> February 14, 2018<p>Author(s)<p>David A. Waltermire, Stephen D. Quinn, Harold Booth, Karen Scarfone, Dragos Prisaca<p>Abstract<p>The Security Content …

Information Security

Healthcare IoT Security Market – Doubling the market in just 3.4 years! The explosive power of ~22% CAGR By 2022

The intense need for in-depth understanding of the “<b>Healthcare IoT Security Market</b> -Forecast to 2022″ coupled with its high growth potential …

Internet of Things

Multi-Stage Email Word Attack Without Macros

Malware authors often distribute malware through code macros in Microsoft Office documents such as Word, Excel, or PowerPoint. Regardless of the …

Cybersecurity

New Word malware attacks infect systems without using macros

Security researchers have discovered a new email spam campaign that tries to get users to open up Word document attachments that downloads a password …

Cybersecurity

HP recalls enterprise, consumer laptop batteries over fire risk

HP is recalling batteries for 10 of its laptop models due to the potential for them to overheat and catch fire.<p>The company issued an alert for its US …

Lithium Ion

Microsoft Edge vulnerability exposed as Microsoft misses Google's Project Zero disclosure deadline

Google has revealed details of a security vulnerability in Microsoft Edge before a patch has been produced. Through Project Zero, Google notified …

Microsoft Edge

Dell EMC issues patches for two remote access vulnerabilities

Dell EMC issued an advisories and updates for a pair of vulnerabilities found in the company's Dell EMC VMAX Virtual Appliance (vApp) Manager.

IT security

U.S. intel officials: Chinese phones, telecom services could be espionage tools

In testimony before the Senate Intelligence Committee last Tuesday, six top U.S. intelligence officials unanimously advised against government bodies …

Surveillance

Hidden Cobra malware infects Android devices with RAT, turns Windows machines into proxies

The Department of Homeland Security (DHS) and FBI on Tuesday jointly released two new reports analyzing trojan malware attributed to Hidden Cobra, …

Information Security

Do you have Intel AMT? Then you have a problem today! Intel Active Management Technology INTEL-SA-00075, (Tue, May 2nd)

There have been some reports to us about an issue with Intel Active Management Technology, Intel Small Business Technology, and Intel Standard …

Information Security