Resilience. Security. Compliance.
Resilience. Security. Compliance.
The Department of Health and Human Services (HHS), under Secretary Robert F. Kennedy Jr., has proposed an ambitious autism research initiative aimed at identifying potential environmental factors contributing to autism. While the goal of advancing scientific understanding is commendable, the approach has raised serious HIPAA and privacy concerns. 🧠 The Proposal The initiative seeks to […]
The Social Security Administration (SSA) is making an important change to how recipients and users access their online services. Starting in mid-2024 and continuing into 2025, SSA is transitioning users from the existing my Social Security portal login system to login.gov — the secure, government-wide authentication platform managed by the General Services Administration (GSA). Here’s […]
The U.S. Department of Health and Human Services (HHS) has proposed significant updates to the HIPAA Security Rule to enhance the protection of electronic protected health information (ePHI) against modern cybersecurity threats. These changes, announced in January 2025, represent the most substantial overhaul of the Security Rule in over a decade .National Law Review+1Reuters+1Axios+1Axios+1 🔐 […]
In March 2025, President Donald Trump signed an executive order titled “Achieving Efficiency Through State and Local Preparedness,” which significantly shifts cybersecurity responsibilities from the federal government to state and local authorities. This policy change has sparked widespread concern among cybersecurity experts and state officials.Yahoo+6Inside Government Contracts+6The White House+6 Key Elements of the Executive Order […]
🔐 Overview of the Apple Zero-Day Vulnerabilities In April 2025, Apple addressed two critical zero-day vulnerabilities actively exploited in targeted attacks:GBHackers+2BleepingComputer+2Help Net Security+2 Apple released emergency patches for these vulnerabilities in iOS 18.4.1, iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, and visionOS 2.4.1. Help Net Security+6BleepingComputer+6Cyber Security News+6 🛡️ Recommendations
Why the CVE Program Matters — and Why CISA Saving It Is Critical The CVE Program — Common Vulnerabilities and Exposures — is the backbone of vulnerability tracking. It gives cybersecurity professionals a universal system to identify, communicate, and fix security flaws quickly. Without CVEs, patching would be slower, coordination chaotic, and defenses weaker. Earlier […]
The National Institute of Standards and Technology (NIST) has released a draft Cybersecurity Framework Profile for Ransomware Risk Management to help organizations prevent, respond and recover from ransomware attacks. The Ransomware Profile is intended to be used by organizations that have adopted the NIST Cybersecurity Framework and want to improve their risk postures or any organization that […]
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware. The activity is aimed at military formations, law enforcement agencies, and local self-government bodies, particularly those located near Ukraine’s eastern border, the agency said. The attacks involve distributing phishing emails containing a macro-enabled Microsoft Excel […]
In early 2025, Oracle Health (formerly Cerner) experienced two significant cybersecurity incidents that impacted multiple U.S. healthcare providers. 🔍 What Happened? The FBI and cybersecurity firm CrowdStrike are currently investigating.