This week in infoSec news vulnerabilities and the importance of tracking and patching were common discussions whether you are in the healthcare industry or as a large utility provider. With the number of critical vulnerabilities constantly increasing, a comprehensive approach to managing that risk needs to be implemented before the real world consequences of breaches and fines occur.
Hospital hacks: Default passwords and no patching leaves healthcare at risk
“Poor security practice, shared passwords and vulnerabilities in software increasingly aid attackers access treasure troves of sensitive personal data, warns report.”
The Most Vulnerable Assets Are Also the Hardest to Patch
“Over the past few years, cybercrime has evolved into a money-making enterprise. Threat actors are always on the lookout for the path of least resistance — using existing attack tools and often re-using the same attack method on as many victims as possible — think WannaCry or NotPetya.”
Digital transformation exposing healthcare’s insecure underbelly to increasingly voracious attackers
“As IoT attacks join malware surge, healthcare organisations must decide whether to protect their networks or just secure their data”
Microsoft Remote Access Protocol Flaw Affects All Windows Machines
“Attackers can exploit newly discovered critical crypto bug in CredSSP via a man-in-the-middle attack and then move laterally within a victim network.”
Electric Utility Hit with Record Fine for Vulnerabilities
“An unnamed power company has consented to a record fine for leaving critical records exposed.”
Adobe patches critical vulnerabilities in Flash, Dreamweaver
“Adobe Flash Player, Connect, and Dreamweaver are the focus of this month's patch cycle.”
Cybersecurity Incident Response Still Major Issue
Over 75% of respondents across the globe admitted that they do not have a formal cybersecurity incident response plan in place across their organization, according to researchconducted by Ponemon Institute and sponsored by IBM Resilient.
Brinqa @ SecureWorld Boston
Brinqa braved the latest Nor'easter to make our way to Boston for the SecureWorld Conference. We had a successful and safe trip once we made it!

Upcoming Webinar
One of the largest retailers in the world, top 5 medical insurance firm, largest electrical utilities provider - these are just some of the industry leaders that leverage Brinqa Vulnerability Risk Management solution to secure their critical assets. Join us as we talk to Brinqa solution experts to learn how these leading cybersecurity organizations tackle the most pressing vulnerability management problems of today.
Join us as we share lessons learned from down in the trenches of vulnerability risk management :
- How top risk leaders and organizations approach remediation prioritization
- How you can future-proof your vulnerability risk management program
- How to improve your security without actively scanning your assets