Asset Management

As all industries continue to struggle with Log4j remediation, HHS HC3 is urging the healthcare sector to assume systems have been compromised and to review new vulnerability guidance.

Cynerio’s healthcare IoT and medical device report reveals the most common vulnerabilities in the healthcare and hospital environments, stressing the need for network segmentation.

Bugcrowd reports that financial services companies had to move fast to adapt once the pandemic hit, leading to an increased interest in working with ethical hackers to fix bugs and improve security.

The White House memo places the NSA in a role similar to the one the Cybersecurity and Infrastructure Security Agency (CISA) plays among federal civilian agencies.

Across all sectors and the federal government, finding and rooting out Log4j vulnerability instances has proved a considerable challenge. But with patient safety at stake, and where legacy devices and applications abound, the healthcare sector is struggling.

Despite the lack of activity, CISA officials said they remain in a heightened state of concern, as there are several potentially troubling explanations for why Log4j activity has been so low.

An H2 vulnerability is limited in scope and is not as disastrous as the Log4j problem, say JFrog researchers, but it should still be taken seriously.

A government repository for products affected by or safe from the Log4J vulnerability has exploded in recent weeks. Two members of the cybersecurity community have rolled out a new search tool to make it easier to navigate the increasingly cumbersome list.