7 matches found
CVE-2019-11687
An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b and continuing in current implementations. The 128-byte preamble of a DICOM file that complies with this specification can contain arbitrary executable headers for multiple operating systems,...
Sophisticated threats plague ailing healthcare industry
The healthcare industry is no longer circling the drain, but it's still in critical condition. While many organizations in healthcare have aimed at or made positive strides toward a more robust cybersecurity and privacy posture, they still have a long way to go. In 2018, healthcare had the highes...
Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images
A bug in a 30-year-old standard used for the exchange and storage of medical images has been uncovered; it allows an adversary to embed fully-functioning executable code into the image files captured by medical devices such as CT and MRI machines. This results in hybrid files that allow malware...
Securing Healthcare Data and Applications
The healthcare industry is quickly growing as a sweet spot for hackers to steal large amounts of patient records for profit. The US Department of Health and Human Services breach tool reports over 340 data breaches in 2017 impacting more than 3 million individuals, and 176.5 million individuals...
Medical Device, Health Care Security Continues to Ail
TENERFIE, Spain – Sergey Lozhkin knows malware. Medical devices? Admittedly, not so much. That, however, was not an impediment to the Kaspersky Lab researcher in cracking the digital walls of a Moscow hospital and finding a shocking array of open doors on the network and weaknesses in medical...
Threat Outbreak Alert RuleID19300: Email Messages Distributing Malicious Software on November 11, 2015
Medium Alert ID: 42019 First Published: 2015 November 10 14:01 GMT Last Updated: 2015 November 16 13:51 GMT Version: 3 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID1930...
Health Care Breach Notification Mandated
From SC Magazine Angela Moscaritolo Two new rules were created this week requiring health care organizations, and other entities that interact with personal health records PHRs, to issue notifications in the event of a data breach. The key rule, issued Wednesday by the U.S. Department of Health a...