BlackBerry and CISA are urging critical infrastructure entities to patch a critical flaw in Blackberry QNX RTOS, used in a range of tech that include health care medical devices. The vulnerability is part of the BadAlloc group of RTOS flaws.
Mandiant and CISA have disclosed a now-patched device impersonation vulnerability that was found in ThroughTek's Kalay platform, an example of the potential risk tied to efforts to integrate all assets across an enterprise.
A CyberMDX report shows a disconnect between the reality and impact of cybersecurity in the health care space: although providers are a key hacking target, cybersecurity investments are often lacking.
As we dig into vulnerability management we uncover both old and new challenges. We still struggle with developing and maintaining an accurate asset inventory. We also, still, struggle to prioritize and execute remediation. There are many new approaches to solving these problems, from ad-hoc scanning to automation of all the things. Get our take on ...
In the rush to respond to COVID-19, many health care providers swiftly onboarded technologies to support the nation’s response and enable the rapid adoption of remote digital health platforms, such as connected medical devices and telemedicine tools. Now, as the pandemic crisis begins to slow, hospitals and medical facilities are left to address significant security gaps that emerged with the tech buying surge.
Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software that they can address even before running their vulnerability management program. Ed will discuss t...
Cloud-delivered malware has increased to an all-time high of 68%, according to a new study by Netskope, with cloud storage apps accounting for nearly 67% of that cloud malware delivery.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
