Security News

The survey reinforces the need for healthcare organizations to integrate digital technology and solutions into all areas of the business ecosystem, including secure payment technology to provide peace of mind and ensure patients enjoy secure and seamless payment experiences. Between large hospital networks, private practices, specialists, and urgent care, the survey found that 44% of respondents felt that private practices handled payment and personally identifiable information most securely, and large hospital networks were rated by even fewer at 33%. With a 25% increase in healthcare data breaches year over year and reports of hospitals accounting for 30% of all large data breaches, patients have a heightened sense of awareness and interest in the processes their providers take to protect their information.

The bug, now officially denoted CVE-2021-44248, involves sending a request to a vulnerable server in which you include some data - for example, an HTTP header - that you expect the server will write to its logfile. Not just any old download: if the data that comes back is a valid Java program, then the server runs that file to "Help" it generate the logging data.

This influx calls for us to re-examine the HIPAA Security Rule to ensure healthcare entities are protecting patient information. Two notable rules were added to HIPAA: the Privacy Rule, to help cover the physical security of PHI, and the Security Rule, to safeguard electronic protected health information.

Windows Hello is a feature in Windows 10 that allows users to authenticate themselves without a password, using a PIN code or biometric identity-either a fingerprint or facial recognition-to access a device or machine. The Windows Hello bypass vulnerability, tracked as CVE-2021-34466, requires an attacker to have physical access to a device to exploit it, according to researchers at CyberArk Labs who discovered the flaw in March.

Moving forward, workplaces should leverage facial recognition solutions to thwart threats in the new hybrid workplace, bolster access control, and safeguard offices from future health risks. Facial recognition solutions can even pair with video management systems and send real-time alerts to security staff based on attribute-specific access control stipulations, such as time of day or location.

Two experts suggest calling employees "Insider threats" is counterproductive; employees are assets needing protection. Notice, there is no mention of blame; Priestap and Triplett see employees as assets that need protecting.

To maximize the data pool, it is customary to share patient data between clinics by sending copies of databases to the clinics where the algorithm is being trained. "These processes have often proven inadequate in terms of protecting patients' health data," says Daniel Rueckert, Alexander von Humboldt Professor of Artificial Intelligence in Healthcare and Medicine at TUM. AI-based diagnostic processes support doctors.

The U.S. Cyber Command conducted more than two dozen operations aimed at preventing interference in last November's presidential election, the general who leads the Pentagon's cyber force said Thursday. He said his command's operations were designed "To get ahead of foreign threats before they interfered with or influenced our elections in 2020.".

The Administrative Office of the U.S. Courts is investigating a potential compromise of the federal courts' case management and electronic case files system which stores millions of highly sensitive and confidential judiciary records. US Judiciary is also working on immediately adding extra safeguards and security procedures to protect the highly sensitive court documents filed with the courts.

Microsoft removed a Windows 10, version 2004 compatibility hold blocking devices with certain WWAN LTE modems from upgrading to the latest Windows version. A fix for the issue was made available with the release of the Windows 10 2004 KB4577063 non-security preview cumulative update.