New cybersecurity requirements may soon be introduced for US healthcare firms The new rules will aim to protect systems which hold sensitive information These will cost an estimated $9 billion in the first year A new set of requirements have been proposed by the US Department of Health and Human Services (HHS) for healthcare firms…
In the second of a two-part series on tools and frameworks designed to help with remediation prioritization, we explore some alternatives to CVSS
Cyber insurance should augment your cybersecurity strategy — not replace it.
Proactive defenses, cross-sector collaboration, and resilience are key to combating increasingly sophisticated threats.
The United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients’ data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader…
Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it’s a hidden flaw in popular software or a clever new attack method, staying informed is key to protecting yourself and your organization. In this week’s…
News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, with an install base of over two million users, have been found to be compromised, and customers are now working to figure out their exposure…
Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing “harvest now, decrypt later” attacks for various malicious use cases.
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign and used their access permissions to insert malicious code into…
A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug affecting router models F3x24 and F3x36. The severity of the shortcoming is lower due to…