Cybersecurity strategies
The healthcare sector faces a variety of cyberthreats, but experts are constantly working to provide organizations with reliable cybersecurity strategies to address them. Learn about the latest tactics for tackling cyber risk, with efforts led by security practitioners, federal agencies and leading cybersecurity companies.
Top Stories
-
News
20 Nov 2024
HHS has not adopted all GAO cybersecurity recommendations
GAO said that it is still waiting on HHS to implement several cybersecurity recommendations laid out for the department in various GAO reports. Continue Reading
-
Feature
18 Nov 2024
Mitigating risk as healthcare supply chain attacks prevail
A focus on cyber resilience is essential for mitigating the risk of healthcare supply chain attacks, which have the potential to cause widespread disruptions. Continue Reading
-
News
22 Jul 2021
Ransomware Attack Targets Protected Health Information at Law Firm
The law firm announced the ransomware attack included medical and health information. Continue Reading
-
News
22 Jul 2021
How Can Congress Aid Healthcare Cybersecurity, Fight Ransomware?
Witnesses testified before Congress this week, noting that the healthcare sector needs help battling cyberattacks and ransomware. Continue Reading
-
News
21 Jul 2021
Patient Privacy Incident Leads to Accidental PHI Disclosure
An Oklahoma hospital is notifying patients about a recent data breach. Continue Reading
-
News
21 Jul 2021
MS Cancer Center Joins List Affected by Elekta Data Breach
A Mississippi cancer center is alerting patients of a recent data breach that impacts protected health information. Continue Reading
-
News
20 Jul 2021
Elekta Health Data Breach Strikes Jefferson Health, Disclosing PHI
Jefferson Health is notifying patients of a health data breach that exposed patient PHI. Continue Reading
-
News
20 Jul 2021
Over 68K Advocate Aurora Patients Impacted by Elekta Health Data Breach
Advocate Aurora is informing over 68,000 patients of a recent data breach. Continue Reading
-
News
19 Jul 2021
Intermountain Says Patients’ PHI Exposed in Elekta Health Data Breach
Intermountain Healthcare was impacted by the Elekta health data breach. Continue Reading
-
News
19 Jul 2021
Healthcare Data Breach in IL Exposes COVID-19 Vaccination Status
A data breach exposed PHI in Illinois, including COVID-19 vaccination status. Continue Reading
-
News
16 Jul 2021
New CISA PrintNightmare Order Spurs Health IT Security Concern
The CISA alert directs agencies to stop service and deploy a fix to resolve PrintNightmare and the health IT sector is responding. Continue Reading
-
News
16 Jul 2021
Cardinal Contracting Data Breach Includes Medical Information
Cardinal Contracting began notifying individuals about the medical data breach this week. Continue Reading
-
News
15 Jul 2021
Cyberattack Exposes Protected Health Information of 43K New Yorkers
A cyberattack exposed the PHI of over 43,000 New Yorkers. Continue Reading
-
News
15 Jul 2021
California Updates Health Facility Data Breach Requirements
California updated its health facility data breach regulations. Continue Reading
-
News
14 Jul 2021
Connecticut’s Updated Cybersecurity Law Now Protects Patient Data
Connecticut's new cybersecurity law will help protect patients' private medical information. Continue Reading
-
News
14 Jul 2021
OIG: Gaps in CMS ERM Puts Genomic Data Security at Risk
A new OIG report notes flaws in CMS ERM processes. Continue Reading
-
News
13 Jul 2021
ClearBalance Data Incident Impacts Over 200,000 US Patients' PII
A new cyber attack is impacting over 200,000 ClearBalance customers. Continue Reading
-
News
13 Jul 2021
Colorado Governor Signs The Colorado Privacy Act Into Law
The governor of Colorado signed the new privacy act into law. Continue Reading
-
News
12 Jul 2021
IRS: Cyberthief Sentenced to Prison After Stealing Patients PHI
A Texas mas was sentenced to prison for stealing patients' private health information. Continue Reading
-
News
12 Jul 2021
Patient Info Exposed in Health Clinic Cyberattack Data Breach
An Iowa-based health clinic is the latest victim of a cyberattack. Continue Reading
-
News
09 Jul 2021
Data Breach Impacts Patients, Employees of Dermatology Practice
A cyber attack impacted both patients and employees of a dermatology practice. Continue Reading
-
News
09 Jul 2021
HHS Warns Health PACS: Patient Data Vulnerable to Cyber Exploitation
Health PACS are vulnerable to hackers according to a new alert from the Department of Health & Human Services (HHS.) Continue Reading
-
News
08 Jul 2021
Report Draws Patient Privacy Concern with Prenatal Test
A Reuters report says that a globally used, prenatal test is being used by a Chinese company to collect patients’ data. Continue Reading
-
News
08 Jul 2021
Report: Privacy Concerns With Apps Used For Opioid Addiction Treatment
A new report on smartphone apps used for opioid addiction treatment is raising concerns over patient privacy. Continue Reading
-
News
07 Jul 2021
Mississippi’s Coastal Family Health Center Falls Victim To Hacker, PHI Exposed
The May incident did not interfere with patient care, but did expose patients’ private information. Continue Reading
-
News
06 Jul 2021
GAO: Some Progress, But Changes Still Needed For The Department of Veterans Affairs HIT System
GAO released its latest findings on the VA in a July 1 report. Continue Reading
-
News
01 Jul 2021
KLAS: Top Healthcare Security, Privacy Consulting Firms
KLAS researchers spoke with healthcare security and privacy leaders to understand which security consulting firms are true partners with organizations. Continue Reading
-
News
30 Jun 2021
GAO: HHS Must Collaborate to Ensure Healthcare Cybersecurity
A GAO study shows that while HHS has defined roles and responsibilities within its security arm, further collaboration is needed to ensure healthcare cybersecurity. Continue Reading
-
News
29 Jun 2021
NIST Defines “Critical Software” Per Cybersecurity Executive Order
NIST published its definition of “critical software” as directed in President Biden’s executive order aimed at improving the nation’s cybersecurity. Continue Reading
-
News
29 Jun 2021
Health Data Security a Staple of Holy Name’s Vaccine Record System
Holy Name Medical Center in New Jersey tapped a global security firm to offer a COVID-19 vaccination record system with health data security in mind. Continue Reading
-
News
28 Jun 2021
Survey Reveals How Leaders are Overcoming Cybersecurity Hurdles
A recent survey of cybersecurity leaders across all sectors reveals that most organizations see compliance with data privacy regulations as a top priority. Continue Reading
-
News
25 Jun 2021
Most Healthcare Organizations Expect to Be Ransomware Targets
A third of healthcare organizations experienced ransomware attacks in the last year, and the remaining 63 percent expect to be attacked in the future, a survey reveals. Continue Reading
-
News
25 Jun 2021
OIG: Medicare Lacks Oversight of Cybersecurity for Medical Devices
A study from HHS’ Office of the Inspector General reveals that Medicare’s hospital survey protocol does not address the cybersecurity of networked medical devices. Continue Reading
-
News
18 Jun 2021
FCC Finalizes Best Practices to Combat Hospital Robocalls
The Federal Communications Commission released a public notice on how hospitals can implement the Hospital Robocall Protection Group’s best practices. Continue Reading
-
News
17 Jun 2021
Cloud Security Alliance Releases Telehealth Risk Management Paper
A new Cloud Security Alliance paper provides telehealth risk management guidance along with best practices for cybersecurity and HIPAA compliance. Continue Reading
-
News
17 Jun 2021
NIST Releases Draft of Ransomware Risk Management Framework
NIST released a draft of its Cybersecurity Framework Profile for Ransomware Risk Management which aims to help organizations prevent and respond to ransomware attacks. Continue Reading
-
News
16 Jun 2021
FDA Outlines Medical Device Cybersecurity Goals
The FDA outlined its medical device cybersecurity goals in response to NIST’s call for position papers to fulfill President Biden’s executive order signed in May. Continue Reading
-
News
15 Jun 2021
Scripps CEO Reveals Lessons Learned from Ransomware Attack
In an op-ed published in the San Diego Union-Tribune, Scripps Health CEO Van Gorder revealed lessons learned from the healthcare provider's ransomware attack in May. Continue Reading
-
News
14 Jun 2021
IT Security Company COO Charged with Medical Center Cyberattack
Vikas Singla, chief operating officer of a network security company, was charged in connection with a 2018 cyberattack on Gwinnett Medical Center in Georgia. Continue Reading
-
Answer
14 Jun 2021
Sky Lakes Medical: A First-Hand Look at Fall Ransomware Attack, Recovery
Sky Lakes Medical Center was among the dozen healthcare providers caught up in the wave of ransomware attacks last fall. Its analyst shares a first-hand account of the incident and recovery. Continue Reading
-
News
10 Jun 2021
Ransomware Attacks: CISA Shares Operational Tech Asset Security Guide
In response to ongoing ransomware attacks targeting operational tech assets and control systems of critical infrastructure entities, CISA published a guide to mitigation and response. Continue Reading
-
News
10 Jun 2021
HSCC to Biden: Invest in Healthcare Cybersecurity, Partnerships
Through the American Rescue Plan, HSCC urges the Biden Administration to make similar investments in healthcare cybersecurity partnerships to improve its cyber posture. Continue Reading
-
Answer
09 Jun 2021
What Happens After a Ransomware Attack in the Health IT Environment?
CyberMDX’s Ido Geffen takes a hard look at ransomware attacks within a healthcare environment, including what providers are getting wrong and needed security mitigations. Continue Reading
-
News
08 Jun 2021
VMware Flaw: Patch Now as Hackers, Malware Exploit Security Gap
A widespread bot campaign has been observed delivering worming malware via a recently disclosed VMware RCE flaw, as CISA warns attackers are seeking to exploit the security gap. Continue Reading
-
News
07 Jun 2021
Report: New Ransomware Variant Targeting Microsoft Exchange Servers
A Sophos report shows threat actors, with likely ties to REvil ransomware, are deploying a new malware variant by exploiting flaws in Microsoft Exchange Servers. Continue Reading
-
News
07 Jun 2021
Medical Device Security, Mitigation Needs to Reduce Patient Safety Risk
Connected medical devices are crucial to supporting patient care, but providers cannot overlook crucial cybersecurity mitigations and processes needed to protect patient safety. Continue Reading
-
News
04 Jun 2021
DOJ, White House Take Aim at Critical Infrastructure Ransomware Attacks
Following disruptive ransomware attacks on NY MTA, MA Steamship Authority, and JBS Meats, the DOJ and the White House announce steps to crack down on threat actors. Continue Reading
-
Answer
02 Jun 2021
Could The SASE Model Move the Needle on Healthcare Cybersecurity?
The threat landscape is evolving faster than healthcare cybersecurity. AT&T Cybersecurity’s Rupesh Chokshi believes secure access service edge (SASE) might better support providers. Continue Reading
-
News
01 Jun 2021
Scripps Reports Data Theft, EHR Back Online, but Global Outages Persist
Providers swept up in the latest ransomware wave are in various stages of recovery. Leading this cyber roundup: Scripps Health has brought its EHR back online four weeks after an attack. Continue Reading
-
News
01 Jun 2021
FBI: Unpatched Fortinet Flaws Remain Under Attack by APT Actors
A recent FBI flash alert warns advanced persistent threat (APT) actors are continuing to exploit unpatched Fortinet flaws to gain access for malicious activities, including data theft. Continue Reading
-
News
28 May 2021
Microsoft: Active NOBELIUM Malware Actors' Spear-Phishing Campaign
The NOBELIUM malware actors, the group behind the SolarWinds compromise, have been rapidly evolving their tactics; Microsoft details an active spear-phishing campaign. Continue Reading
-
News
27 May 2021
NIST IoT Guidance for Network-Based Attacks, Device Communication
Aimed at smaller entities, new NIST guidance provides a standards-based approach to network communication to reduce the risk of network-based attacks. Continue Reading
-
News
27 May 2021
CISA: VMware Patches Critical Server Flaw, Warns of Ransomware Threat
A new CISA alert urges entities to apply the software update provided by VMware, which will patch a critical flaw in all server deployments. Continue Reading
-
News
24 May 2021
FBI: Conti Ransomware Actors Exploit Healthcare, First Responder Networks
An FBI flash alert warns the Conti ransomware hacking group is actively targeting and exploiting the healthcare sector and first responder networks, with at least 16 victims in the last year. Continue Reading
-
Answer
17 May 2021
Critical Infrastructure Attacks: Threat Landscape Forces Security to Evolve
Ongoing and recent outages at critical infrastructure entities highlight the sophistication and evolution of the threat landscape, driving the need for improved security posture in healthcare. Continue Reading
-
News
14 May 2021
Ransomware Keeps Healthcare in Crosshairs, Triple Extortion Emerges
A Check Point report on ransomware attacks seen in the first half of 2021, shows a 102 percent increase from 2020’s numbers, as hackers begin employing triple extortion to increase profits. Continue Reading
-
News
13 May 2021
External Threat Actors Outpace Insiders in Healthcare Data Breaches
For the second consecutive year, the Verizon Data Breach Investigations Report (DBIR) found external threat actors were behind more healthcare data breaches than insider errors. Continue Reading
-
News
13 May 2021
Biden’s Executive Order to Boost Threat Sharing, Supply Chain Security
As the cyberattack on the Colonial Pipeline joins a host of other supply chain security incidents, the President signed an executive order to boost infrastructure security and threat sharing. Continue Reading
-
News
12 May 2021
DHS CISA, FBI Alert to DarkSide Ransomware, After Pipeline Attack
Just five days ago, DarkSide ransomware threat actors attacked a critical pipeline company, disrupting the supply chain. FBI and DHS urge entities to bolster their security defenses. Continue Reading
-
News
12 May 2021
Threat Alert: Russian-Backed Threat Actors, Avaddon Ransomware
Recent federal threat alerts detail ongoing Russian-backed and Avaddon ransomware campaigns targeting global entities, including healthcare and COVID-19 vaccine developers. Continue Reading
-
Answer
07 May 2021
Healthcare’s Email Problem: Insider Threats, Data Retention, Phishing
Email is a crucial communication tool, but as insider threats remain the biggest risk, healthcare must address key problem areas like data retention and phishing defenses to reduce risks. Continue Reading
-
News
06 May 2021
CISA Alerts to New Ransomware, Trojan Using Public Pen Testing Tools
FiveHands ransomware has been spotted in the wild paired with a remote access trojan. Its actors used publicly available pen testing and exploitation tools to steal data. Continue Reading
-
Answer
06 May 2021
Report: Healthcare IoT, Devices Most Impacted by TCP/IP Vulnerabilities
Forescout’s ongoing TCP/IP vulnerability research shows that IoT and medical devices in healthcare face the greatest risk of exposure and attack. Continue Reading
-
News
04 May 2021
CISA: Patch Issued for Critical Pulse Secure VPN Flaw Under Active Attack
Ivanti released a patch for a critical zero-day authentication bypass flaw found in its Pulse Secure VPN, which CISA previously warned was under active attack. Continue Reading
-
News
03 May 2021
NSA Insights: Malicious Cyber Activity on Connected, IT Operational Tech
New NSA insights shed light on securing connections between IT and OT technologies from malicious, cyber activities to bolster overall cybersecurity posture. Continue Reading
-
News
03 May 2021
Why Providers Must Prepare for a Ransomware Attack
The COVID-19 pandemic has made the healthcare industry even more vulnerable to ransomware attacks. Continue Reading
-
News
29 Apr 2021
NIST, CISA Share Software Supply Chain Attack Defense Guidance
In response to the supply chain attack against SolarWinds, NIST and DHS CISA released guidance to support entities with defense means, including risks and recommendations. Continue Reading
-
News
28 Apr 2021
Health CIO: IT Must Be Core Business Element to Tackle Security Challenges
At Xtelligent Healthcare Media’s Privacy and Security Summit, health CIO Michael Archuleta stressed the need for IT to be a key business element if the sector hopes to overcome cybersecurity challenges. Continue Reading
-
News
28 Apr 2021
Joint Fed Guidance on Russian APT Cyberattacks, Exploits, Malware
Recent joint federal guidance sheds light on the tactics used by Russian Advanced Persistent Threat (APT) actors, including vulnerability exploits and malware deployment. Continue Reading
-
News
27 Apr 2021
77% of Ransomware Spurs Data Extortion, Driven by Accellion Hack
Data extortion attempts now occur in 77 percent of all ransomware attacks. According to Coveware, the Clop hack of Accellion FTA contributed to the rise. Continue Reading
-
News
26 Apr 2021
Healthcare’s Biggest Cybersecurity Blind Spots and Misconceptions
While awareness of the threats facing the healthcare sector has improved, providers have inherent blindspots and misconceptions leaving them exposed to a host of cybersecurity risks. Continue Reading
-
News
26 Apr 2021
Secure Communication Used in 50% Malware Attacks to Evade Detection
Sophos data shows an increasing number of malware and ransomware threat actors are using TLS to hide communication and cyberattack activities. Continue Reading
-
News
22 Apr 2021
CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
First disclosed in January, SUPERNOVA malware began targeting vulnerable SolarWind Orion tech. A new CISA report, however, shows hackers are pivoting to the tech through Pulse Secure VPNs. Continue Reading
-
News
22 Apr 2021
RDP, Botnet Malware Top Access Point of Updated Ryuk Ransomware
The latest update of the notorious Ryuk ransomware seen throughout 2021, primarily leverages service-based RDP and botnet-based malware delivery to gain access to victims’ networks. Continue Reading
-
News
21 Apr 2021
Threat Actors Exploiting 3 SonicWall Email Security Vulnerabilities
FireEye’s Mandiant research team discovered a threat actor exploit three zero-day vulnerabilities found in SonicWall Email Security to perform a range of nefarious activities. Continue Reading
-
News
21 Apr 2021
DHS CISA: Critical Pulse Secure VPN Vulnerabilities Under Active Attack
Ivanti issued mitigation measures for a zero-day authentication bypass vulnerability in its Pulse Secure SSL VPN appliance, which DHS CISA warns is under active attack. Continue Reading
-
News
20 Apr 2021
Feds Find More Malware Tied to SolarWinds Supply Chain Compromise
A recent DHS and US Cyber Command alert provides insights into two recently identified malware variants tied to the widespread SolarWinds Orion supply chain compromise. Continue Reading
-
News
19 Apr 2021
Fed Joint Advisory: Patch These 5 Vulnerabilities Under Active Attack
Nation-state threat actors with ties to Russia are actively exploiting five publicly known vulnerabilities to compromise a range of entities within the US and its allies. Continue Reading
-
News
16 Apr 2021
H-ISAC Supply-Chain Insights Aim to Prevent Next SolarWinds Cyberattack
Designed in cooperation with AHA, the H-ISAC unveiled new supply-chain cyberattack insights meant to support healthcare providers in preventing another SolarWinds incident. Continue Reading
-
News
15 Apr 2021
COVID-19 Vaccine Cold Chain Entities Remain Key Spear-Phishing Target
IBM X-Force released an update of its December COVID-19 Vaccine Cold Chain attacks, finding additional spear-phishing attacks targeting global entities. Continue Reading
-
News
14 Apr 2021
DOJ: FBI Removed Web Shells From Exploited Microsoft Exchange Servers
A recent court-authorized FBI operation removed web shells from a range of exploited Microsoft Exchange Servers, to support unaware victims, according to a Tuesday DOJ press release. Continue Reading
-
News
14 Apr 2021
NSA Finds, Urges Patch of 4 New Critical Microsoft Exchange Flaws
Microsoft issued patches for four new on-prem Exchange Server vulnerabilities, found by NSA. Combined with the previous zero-day flaws, prioritization will be crucial. Continue Reading
-
Answer
13 Apr 2021
DNS Flaws in Millions of IoT Devices Pose Remote Attack, Exfiltration Risk
New Forescout research details Name:Wreck vulnerabilities found in millions of IoT devices, which could lead to hacking or remote code execution attacks. Continue Reading
-
Answer
12 Apr 2021
Healthcare's Data Extortion Problem, and How to Prepare for Ransomware
Data extortion attempts are now occurring in at least 70 percent of all ransomware attacks. How can healthcare providers best combat these pervasive tactics? Continue Reading
-
News
09 Apr 2021
GAO Audit Finds HHS Information Security Program “Not Effective”
The latest GAO audit of HHS’ information security program against FISMA standards found multiple flaws, including failure to implement continuous monitoring in select operating divisions. Continue Reading
-
News
09 Apr 2021
DHS CISA Shares SolarWinds Post-Threat Compromise Activity Tool
Designed to detect post-threat compromise activity from the SolarWinds incident, CISA’s Aviary dashboard visualizes and analyzes outputs from its Sparrow detection tool. Continue Reading
-
News
07 Apr 2021
CISA: SAP Vulnerabilities Under Active Attack, Poses Data Theft Risk
A report from Onapsis and CISA details an active campaign targeting unsecured SAP applications to gain control over affected devices, posing a risk of data theft or business disruptions. Continue Reading
-
News
05 Apr 2021
FBI, CISA: APT Actors Exploiting Unpatched Fortinet Vulnerabilities
Though Fortinet issued a software update for the vulnerabilities in 2019, FBI and CISA warn that APT threat actors are actively exploiting unpatched flaws to gain network access. Continue Reading
-
News
05 Apr 2021
Addressing the Security Vulnerabilities of Internal Communication Platforms
Communication platforms have enabled organizations to work throughout the potential but have also opened to door to unauthorized access Continue Reading
-
News
01 Apr 2021
DHS CISA Shares More Microsoft Exchange Vulnerability Guidance
While directed at federal agencies, DHS CISA is urging private sector infrastructure entities to review triage guidance designed to further mitigate Microsoft Exchange vulnerabilities. Continue Reading
-
News
31 Mar 2021
Feds Seize Fraudulent COVID-19 Vaccine, Pharmacy, Pfizer Websites
A federal government effort has taken down multiple fraudulent websites tied to the COVID-19 response and vaccine rollout, in addition charges for 474 individuals. Continue Reading
-
News
31 Mar 2021
Attackers Target Medical Research Staff with Credential Phishing Attacks
A new Proofpoint report shows a nation-state hacking group with ties to Iran is targeting senior medical research personnel in the US and Israel with credential phishing attacks. Continue Reading
-
News
29 Mar 2021
The Risk and Challenge of Bad Bot Traffic on Healthcare Sites, Apps
Imperva saw a 372 percent spike in bad bot traffic against healthcare websites and applications in recent months. What’s worse, mitigating the risk will be a massive challenge. Continue Reading
-
News
26 Mar 2021
FBI: Mamba Ransomware Actors Weaponizing Freeware Encryption Tool
Hackers are leveraging Mamba ransomware to weaponize the legitimate, open source disk encryption software known as DiskCryptor, which blocks victims’ access to the network. Continue Reading
-
News
24 Mar 2021
Brute-Force Campaign on Windows SMBs Spreads Worming Malware
Hackers are performing brute-force attacks on vulnerable, internet-facing Windows SMBs to deliver Purple Fox malware. The variant has been updated with worming capabilities. Continue Reading
-
News
24 Mar 2021
Pharmacy, Hospital Phishing Attacks Spike 189% Amid Vaccine Rollout
A new report sheds light on the tactics leveraged by hackers amid the COVID-19 pandemic and the latest phishing schemes against hospitals and pharma spurred by the vaccine rollout. Continue Reading
-
News
23 Mar 2021
Exchange Flaw Latest: 30K Servers Vulnerable, Daily Attacks Spike
F-Secure researchers have observed upwards of thousands of daily attacks against the zero-day flaws in Exchange servers, while Microsoft estimates that at least 8 percent remain unpatched. Continue Reading
-
News
22 Mar 2021
FBI Alerts to Rise in BEC Cyberattacks on US Orgs, Impacting Resources
A recent private sector alert from the FBI warns that hackers have been increasingly using business email compromise (BEC) attacks that can hinder operations and strain resources. Continue Reading
-
News
19 Mar 2021
DHS CISA Shares Incident Response Tool for On-Prem Threat Activity
The new CISA Hunt and Incident Response Program (CHIRP) tool from DHS is meant to support entities with detection of threat activity and compromise of on-prem environments. Continue Reading
-
News
18 Mar 2021
FBI: $4.2B Lost to Cybercrime in 2020, Led By Phishing, BEC, Extortion
BEC, phishing, and extortion were among the leading threats behind complaints filed with the FBI in 2020, as cybercrime cost all victims $4.2 billion, overall. Continue Reading
-
News
17 Mar 2021
Feds Warn of TrickBot Spear-Phishing Attacks Delivering Malware Payload
DHS CISA and the FBI urge entities to be on alert for a sophisticated TrickBot spear-phishing campaign. Meanwhile, Check Point found TrickBot is the most distributed malware. Continue Reading
-
News
17 Mar 2021
Hackers Successfully Exploiting Older, Unpatched Microsoft Vulnerabilities
Despite the issue of software updates three years ago, hackers are continuing to exploit and gain access to networks through vulnerable, unpatched Microsoft vulnerabilities. Continue Reading