Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Black Hat Asia
May 10-13, 2022
Hybrid/Marina Bay Sands, Singapore
Black Hat USA
August 6-11, 2022
Las Vegas, NV, USA
Black Hat Europe
December 5-8, 2022
London
7/14/2020
09:00 AM
Black Hat Staff
Black Hat Staff
Event Updates

Get Cutting-Edge Healthcare Cybersecurity Insights at Black Hat USA

Bad actors are on the lookout for ways to attack healthcare organizations, so it's important for cybersecurity pros to stay informed about the latest trends and threats in the industry.

The business of healthcare presents a wealth of opportunities for bad actors to exploit, so it's important for cybersecurity professionals to stay on top of the latest trends and threats in the industry.

That's why Black Hat organizers are highlighting a few Briefings scheduled to take place during next month's virtual Black Hat USA event. Each offers a fresh perspective on the challenges of keeping the healthcare industry secure from threats both from within and without, as well as some practical insights you can apply to your own work.

Ransomware, data breaches, and hacks have long plagued the healthcare industry; in some cases, this has led to medical practices shutting down, leaving patients unable to get their medical records. The guidance provided to many providers has not specifically addressed what organizations need to do to protect their patients and themselves; worse, it has left many smaller healthcare providers vulnerable to "snake oil" vendors peddling costly risk assessments that provide no lasting solutions.

Stopping Snake Oil with Smaller Healthcare Providers: Addressing Security with Actionable Plans and Maximum Value is a Briefing aimed at addressing these problems with practical, actionable guidance from a healthcare CISO about what to do and what tools to use.

Black Hat USA attendees can get more perspective on the issue by checking out Healthscare — An Insider's Biopsy of Healthcare Application Security, a Briefing designed to highlight vulnerabilities and design issues within healthcare security solutions.

Expect a thorough dissection of numerous clinical systems, including radiology reading, electronic medical record downtime, patient entertainment, pharmacy distribution, nurse communication, clinical documentation, and temperature monitoring systems. While the prognosis isn't great, attendees can look forward to a frank breakdown of the situation and some helpful insights from a seasoned infosec director in the healthcare industry.

Carrying Our Insecurities with Us: The Risks of Implanted Medical Devices in Secure Spaces explores the problem of allowing increasingly smart implanted medical devices (IMDs) in secure spaces. The number of IMDs in use in the United States has been steadily increasing as new technologies emerge and improve. Attend this Black Hat USA Briefing for an expert rundown of why they threaten the security of protected data, as well as a series of technical and policy mitigations for these devices that balance the constraints of medical necessity and security.

For more details on these cutting-edge Briefings and many more, check out the Black Hat USA Briefings schedule.

Register now for this year's fully virtual Black Hat USA, still scheduled to take place August 1–6, and get more information about the event on the Black Hat website.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-29376
PUBLISHED: 2022-05-23
Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory.
CVE-2022-30015
PUBLISHED: 2022-05-23
In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss.
CVE-2022-28999
PUBLISHED: 2022-05-23
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe.
CVE-2022-29002
PUBLISHED: 2022-05-23
A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
CVE-2022-31489
PUBLISHED: 2022-05-23
Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inoutio_language cookie SQL injection.