Tag cybersecurity

Feds Unveil Enhanced HIPAA Security Risk Analysis Tool

Healthcare, Industry Specific, Regulation Experts Recommend Tool Designed for Smaller Organizations Marianne Kolbasuk McGee (HealthInfoSec) • September 10, 2025 Image: Getty Images Federal officials have released an updated version of their HIPAA Security Risk Assessment (SRA) tool, which has historically assisted small and midsized healthcare providers and business associates in…

Read MoreFeds Unveil Enhanced HIPAA Security Risk Analysis Tool

Senator Criticizes Microsoft for Leaving Default Windows Settings Exposed to “Kerberoasting” Vulnerabilities

A leading U.S. senator has requested that the Federal Trade Commission (FTC) launch an inquiry into Microsoft, citing what he has termed “gross cybersecurity negligence.” This call to action stems from concerns regarding the company’s continued reliance on the outdated RC4 encryption method, which is set as the default in…

Read MoreSenator Criticizes Microsoft for Leaving Default Windows Settings Exposed to “Kerberoasting” Vulnerabilities

Microsoft Acknowledges EncryptHub, the Hacker Connected to Over 618 Breaches, for Revealing Windows Vulnerabilities

Microsoft recently acknowledged an individual operating under the EncryptHub alias for uncovering and reporting two significant security vulnerabilities in Windows. This acknowledgment depicts a complex profile of a person straddling a legitimate cybersecurity career while engaging in cybercriminal activities. According to a detailed analysis by Outpost24 KrakenLabs, the individual behind…

Read MoreMicrosoft Acknowledges EncryptHub, the Hacker Connected to Over 618 Breaches, for Revealing Windows Vulnerabilities

Emotet Malware Returns with Advanced Evasion Strategies

The Emotet malware operation has significantly evolved in its approach, employing refined tactics designed to evade detection while simultaneously facilitating the distribution of other malicious software, including Bumblebee and IcedID. Initially dismantled in early 2021, Emotet re-emerged later that year and has since posed a relentless threat primarily through phishing…

Read MoreEmotet Malware Returns with Advanced Evasion Strategies

Tool Manufacturer Claims Hack Exposed Medical Information

Data Breach Notification, Data Security, Fraud Management & Cybercrime Breach Affecting 104,000 Highlights Health Data Risks for Non-Healthcare Companies Marianne Kolbasuk McGee (HealthInfoSec) • September 9, 2025 Cornwell Quality Tools has informed nearly 104,000 individuals that their medical information may have been compromised in a recent cyber incident. (Image: Cornwell)…

Read MoreTool Manufacturer Claims Hack Exposed Medical Information

Mitsubishi Electric Acquires Nozomi in $883 Million Operational Technology Security Agreement

Critical Infrastructure Security, Endpoint Security, Governance & Risk Management Mitsubishi Electric’s $883M Acquisition of Nozomi Enhances Cyber Defense for Critical Infrastructure Michael Novinson (MichaelNovinson) • September 9, 2025 Mitsubishi Electric has announced plans to acquire Nozomi Networks for $883 million, aiming to leverage artificial intelligence and contextual data to bolster…

Read MoreMitsubishi Electric Acquires Nozomi in $883 Million Operational Technology Security Agreement

Huge Leak Reveals How a Chinese Firm Is Spreading the Great Firewall Globally

A recent leak comprising over 100,000 documents reveals that a relatively obscure Chinese firm, Geedge Networks, has been surreptitiously marketing censorship systems similar to the Great Firewall to governments globally. Founded in 2018 and backed by key figures involved in China’s censorship framework, Geedge promotes itself as a network-monitoring service…

Read MoreHuge Leak Reveals How a Chinese Firm Is Spreading the Great Firewall Globally