The HHS Cybersecurity Program has issued a new brief this week: Log4J Vulnerabilities and the Health Sector You can access it at https://www.hhs.gov/sites/default/files/log4j-vulnerabilities-health-sector.pdf
Category: Commentaries and Analyses
New Loop: Data Breach to Lawsuit
Matt Fisher writes: A recurring pattern has developed when it comes to data breaches. The first part of the pattern is that healthcare is under constant cyber attacks that challenge security measures while aiming to get access to private and sensitive information within the systems. The prevalence of data breach notifications underscores how frequently security…
The Governor Who Thinks Examining HTML Is Criminal Hacking Is Now Working To Make Missouri’s Public Records Laws Worse
I wasn’t sure which of my sites this post by Tim Cushing belongs on, so I’m posting it to both, because the public needs to see what the government is doing to erode transparency and rights. Tim writes: Missouri Governor Mike Parson is perhaps best known these days for trying to convert a right-click menu option into…
Should You File a Claim in a Data Breach Settlement?
Shannon Flynn writes: Imagine that you open your email to find a notice that you’ve been part of a data breach. The message says you’re entitled to a settlement payout as part of a class-action lawsuit. What do you do next? With cyber crime as rampant as it is today, this scenario is a reality…
Japan’s Supreme Court rules cryptojacking scripts are not malware
Laura Dobberstein reports: A man found guilty of using the Coinhive cryptojacking script to mine Monero on users’ PCs while they browsed the web has been cleared by Japan’s Supreme Court on the grounds that crypto mining software is not malware. Tokyo High Court ruled against the defendant, 34-year-old Seiya Moroi, on charges of keeping…
WordPress plugin flaw puts users of 20,000 sites at phishing risk
Bill Toulas reports: The WordPress WP HTML Mail plugin, installed in over 20,000 sites, is vulnerable to a high-severity flaw that can lead to code injection and the distribution of convincing phishing emails. ‘WP HTML Mail’ is a plugin used for designing custom emails, contact form notifications, and generally tailored messages that online platforms send…