Dark Reading is part of the Informa Tech Division of Informa PLC

7/14/2020
09:00 AM
Black Hat Staff
Event Updates

Get Cutting-Edge Healthcare Cybersecurity Insights at Black Hat USA

Bad actors are on the lookout for ways to attack healthcare organizations, so it's important for cybersecurity pros to stay informed about the latest trends and threats in the industry.

The business of healthcare presents a wealth of opportunities for bad actors to exploit, so it's important for cybersecurity professionals to stay on top of the latest trends and threats in the industry.

That's why Black Hat organizers are highlighting a few Briefings scheduled to take place during next month's virtual Black Hat USA event. Each offers a fresh perspective on the challenges of keeping the healthcare industry secure from threats both from within and without, as well as some practical insights you can apply to your own work.

Ransomware, data breaches, and hacks have long plagued the healthcare industry; in some cases, this has led to medical practices shutting down, leaving patients unable to get their medical records. The guidance provided to many providers has not specifically addressed what organizations need to do to protect their patients and themselves; worse, it has left many smaller healthcare providers vulnerable to "snake oil" vendors peddling costly risk assessments that provide no lasting solutions.

Stopping Snake Oil with Smaller Healthcare Providers: Addressing Security with Actionable Plans and Maximum Value is a Briefing aimed at addressing these problems with practical, actionable guidance from a healthcare CISO about what to do and what tools to use.

Black Hat USA attendees can get more perspective on the issue by checking out Healthscare — An Insider's Biopsy of Healthcare Application Security, a Briefing designed to highlight vulnerabilities and design issues within healthcare security solutions.

Expect a thorough dissection of numerous clinical systems, including radiology reading, electronic medical record downtime, patient entertainment, pharmacy distribution, nurse communication, clinical documentation, and temperature monitoring systems. While the prognosis isn't great, attendees can look forward to a frank breakdown of the situation and some helpful insights from a seasoned infosec director in the healthcare industry.

Carrying Our Insecurities with Us: The Risks of Implanted Medical Devices in Secure Spaces explores the problem of allowing increasingly smart implanted medical devices (IMDs) in secure spaces. The number of IMDs in use in the United States has been steadily increasing as new technologies emerge and improve. Attend this Black Hat USA Briefing for an expert rundown of why they threaten the security of protected data, as well as a series of technical and policy mitigations for these devices that balance the constraints of medical necessity and security.

For more details on these cutting-edge Briefings and many more, check out the Black Hat USA Briefings schedule.

Register now for this year's fully virtual Black Hat USA, still scheduled to take place August 1–6, and get more information about the event on the Black Hat website.
