Patiëntgegevens die via het Landelijk Schakelpunt (LSP) worden gedeeld zijn niet end-to-end versleuteld, zo heeft minister Bruins voor Medische Zorg en Sport laten weten op vragen van de PvdD en SP. Het LSP is de infrastructuur voor het uitwisselen van vertrouwelijke medische patiëntgegevens.

Tijdens het Algemeen Overleg over Gegevensuitwisseling in de zorg stelde PvdD-Kamerlid Teunissen dat de data-uitwisseling tussen zorgverlener en patiënt, of zorgverleners onderling, van begin tot eind versleuteld zou moeten zijn.

Het Kamerlid wilde van minister Bruins weten of het mogelijk is dat iemand tussen zorgverlener A en B, bijvoorbeeld de Amerikaanse operationeel beheerder CSC, inzage kan hebben in de medische gegevens van mensen.

Bijna driekwart vindt digitale oorlogsvoering een groot gevaar. Zo'n drie jaar geleden was dat ongeveer de helft.

Verder maken Nederlanders zich veel zorgen over klimaatverandering (70 procent) en Islamitische Staat (67 procent). Ongeveer een kwart van de Nederlanders is bezorgd over de wereldeconomie.

Volgens een wereldwijde enquête van Pew Research Center is Nederland een van de vier landen in de wereld waar mensen cyberaanvallen op de eerste plek zetten. Ook Amerikanen, Japanners en Zuid-Afrikanen vinden digitale aanvallen de grootste dreiging.

Queensland’s public hospitals are dealing with multimillion-dollar blowouts to install an integrated electronic medical record that clinicians say is flawed and putting patients at risk.

Many Hospital and Health Services are floundering under the booming cost of the health department’s integrated electronic medical record (ieMR) project, while patients at some public hospitals have been affected by increased elective surgery wait times.

The state's Hospital and Health Services are statutory bodies running several hospitals and community health centres within each region, receiving state, federal and their own funding.

Mobile device exploits, cloud based-data breaches, ransomware — these are just three of the major information security threats healthcare organizations will have to watch out for in 2019 and the years that follow.

It will be critical to ensure that information communication technology (ICT) infrastructure is secure, a task that has become exponentially more complicated due to the proliferation of mobile devices like smartphones and tablets, which are used by healthcare professionals in the field and in hospitals.

In addition to securing mobile devices, the proliferation of connected devices like medical equipment and other Web connected elements—the Internet of Things (IoT)— can be particularly weak security endpoints, and need to be properly secured and updated at all times.

It’s bad enough that dating sites are a pit of exaggerations and inevitable disappointment, they’re also a hot target for hackers.

Dating sites aren’t considered the goldmine of personal information like banks or hospitals, but they’re still an intimate part of millions of people’s lives and have long been in the sights of hackers.

If the hackers aren’t hitting the back-end database like with the AdultFriendFinder, Ashley Madison and Zoosk breaches, the hackers are trying break in through the front door with leaked or guessed passwords.

Researchers spotted the ransomware GandCrab embedded into a downloadable Mario image from Super Mario Bros.

Matthew Rowan, a researcher at Bromium discovered the malware and identified the trends and patterns to be of an older method, steganography. This form of malware tends to use obfuscated Microsoft PowerShell commands.

Similarly, the hacker uses a PowerShell command in this campaign. The targeted emails are sent to individuals in Italy, with an excel document attached. Labelled, “F.DOC.2019 A 259 SPA.xls” it also contains a Macro. The document prompts users to click ‘enable content,’ effectively deploying the malware.

WordPress site owners who are using the Simple Social Buttons plugin to support social media sharing features should update the plugin as soon as possible to plug a security hole that can be exploited to take over sites.

Luka Šikić, a developer and researcher at WordPress security firm WebARX, discovered the security issue last week and reported the problem to the plugin's author.

In a report published today, he described the issue as an "improper application design flow, chained with lack of permission check."

T-Mobile, Sprint, and AT&T are selling access to their customers’ location data, and that data is ending up in the hands of bounty hunters and others not authorized to possess it, letting them track most phones in the country.

Nervously, I gave a bounty hunter a phone number. He had offered to geolocate a phone for me, using a shady, overlooked service intended not for the cops, but for private individuals and businesses. Armed with just the number and a few hundred dollars, he said he could find the current location of most phones in the United States.

The bounty hunter sent the number to his own contact, who would track the phone. The contact responded with a screenshot of Google Maps, containing a blue circle indicating the phone’s current location, approximate to a few hundred metres.

Russia is considering whether to disconnect from the global internet briefly, as part of a test of its cyber-defences. The test will mean data passing between Russian citizens and organisations stays inside the nation rather than being routed internationally.

A draft law mandating technical changes needed to operate independently was introduced to its parliament last year. The test is expected to happen before 1 April but no exact date has been set.

The draft law, called the Digital Economy National Program, requires Russia's ISPs to ensure that it can operate in the event of foreign powers acting to isolate the country online.

The role of the CISO and their reporting line seems to be a continuing topic of discussion amongst cyber security professionals.

The same title often hides a large diversity of roles, positioned differently across their respective organisations. It often reflects the maturity of each firm towards the appreciation of the threats it faces, the need for business protection, and its appetite for controls.

For large groups, in particular where business units or geographies manage their own bottom line and have a significant degree of autonomy in real terms, it can result in a large population of security practitioners across the group with very diverse approaches, objectives and priorities.