Fake Malware Tricks Radiologists Diagnosing Cancer

Infosecurity Magazine | April 08, 2019

Fake Malware Tricks Radiologists Diagnosing Cancer
With the use of deep learning, researchers Yisroel Mirsky, Tom Mahler, Ilan Shelef and Yuval Elovici at Cyber Security Labs at Ben-Gurion University demonstrated in a video proof of concept (PoC) that an attacker could fool three expert radiologists by falsifying CT scans, inserting or removing lung cancer, the Washington Post reported. “In 2018, clinics and hospitals were hit with numerous cyber attacks leading to significant data breaches and interruptions in medical services,” the researchers wrote. “Attackers can alter 3D medical scans to remove existing, or inject non-existing medical conditions. An attacker may do this to remove a political candidate/leader, sabotage/falsify research, perform murder/terrorism, or hold data ransom for money.” Using a test dummy to highlight the vulnerabilities in picture archiving and communication systems (PACS), researchers demonstrated that 98% of the times they injected or removed solid pulmonary nodules, they were able to fool radiologists and state-of-the-art artificial intelligence (AI).

Spotlight

Keeping corporate data secure is a top priority for  any organisation. After all, a data breach can cause significant financial losses, expose executives to legal actions, damage your company's reputation and weaken or eliminate competitive business advantage.

Related News

Research shows Boardroom investments in cybersecurity are most commonly the result of an incident or fears of compliance audit failure

prnewswire | October 08, 2020

Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 25 of the Fortune 100, today released its CISO Decisions survey, an independent global study1 that examines what most influences the Board to invest in cybersecurity and the impact this has on CISO decision-making. Based on findings from more than 900 global CISOs/Senior IT decision-makers, the research shows Boardroom investments in cybersecurity are most commonly the result of an incident or fears of compliance audit failure. Because of this, the research shows more than half, 58 percent, of respondents say their organizations plan to add more towards security budgets in the next 12 months.

Read More

DATA SECURITY

CFGI and SecurityScorecard Collaborate to Provide Security Rating Monitoring as a Service

CFGI | May 26, 2021

CFGI, a leading provider of Accounting Advisory, Cybersecurity and IT Risk Advisory solutions, and SecurityScorecard, the worldwide leader in cybersecurity ratings, today announced a new partnership to streamline and strengthen how organizations manage their cybersecurity and third-party risk through the use of Security Ratings. CFGI has partnered with SecurityScorecard to non-intrusively evaluate an organizations' cybersecurity using an 'outside-in methodology. This approach enables CFGI to monitor and update the cybersecurity ratings of our clients in a very continuous manner. With these cybersecurity ratings and the extensive information on which they are based, organizations are presented with valuable information for assessing compliance with industry-leading cybersecurity risk standards. As a SecurityScorecard managed security services provider (MSSP), CFGI will be delivering industry-leading cybersecurity ratings to clients to enhance their security posture, ensure adherence to regulatory requirements, and continuously monitor third-party risk. This partnership comes at a time when risk and compliance teams are experiencing unprecedented pressure to successfully manage their own and third-party risk, due to changing regulatory requirements, higher numbers of vendors, and more pressure from the board of directors. Heightened regulatory scrutiny has created the necessity for next-generation solutions to assist organizations in better manage the risk posed by their business partners. With the partnership between CFGI and SecurityScorecard, organizations can now be aware of cybersecurity gaps and advised on what is needed to fill them. What value do CFGI clients receive? • Technical dashboards and detailed reports with your most critical risk factors. • Easy-to-read board-level reports and workflow tools for cybersecurity assessments. • Risk remediation advisory services by CFGI, whose experts work closely with your technology teams or third parties. • Ability to view your historical vulnerabilities and threats for continued improvement. • Ability to quantify and demonstrate your return on security investments. • Ability to benchmark your cybersecurity current state against industry peers and competitors. About CFGI CFGI, a portfolio company of The Carlyle Group, is a highly specialized financial consulting company that supports the office of the CFO with all its accounting, finance, risk management, and digital transformation needs. As an extension of your SOX, internal audit, corporate finance, or cybersecurity team, CFGI can serve in a variety of capacities – from technical accounting or finance transformation advisor to IPO and M&A support to controller or CFO.

Read More

DATA SECURITY

NETSCOUT Announces Availability of Omnis Cyber Intelligence

NETSCOUT | November 08, 2021

NETSCOUT SYSTEMS, INC.a leading provider of cybersecurity, service assurance, and business analytics solutions, today announced the availability of Omnis® Cyber Intelligence (OCI), the industry's fastest and most scalable network security software solution, built on the foundation of the industry's most prominent network monitoring and packet recording and analysis technology. It uniquely detects and investigates suspicious activities in real-time and retrospectively, identifies threats early in the attack life cycle to prevent infections from spreading, stops future attacks, and identifies compromised assets. With cyberattacks increasing and breaches making front-page news, IT security teams find that their existing tools are no match for this growing threat, and both their expenses and their cyber risk are growing out of control. This is the case because the typical data sets feeding these tools are reactive, not granular, and do not extend to the earliest indications of a potential attack. NETSCOUT's approach to turn the situation around is to leverage its market-leading visibility technology to increase the range and depth of security intelligence and make it accessible to security teams in real-time. The solution consists of an analytics stack and cyber security software sensors called Omnis CyberStreams. NETSCOUT's Omnis Cyber Intelligence arms security teams with proactive, actionable intelligence helping them to: Perform continuous scanning and analysis for reconnaissance to detect attacks earlier, minimizing exposure and, in many cases, thwarting the threat. Rapidly access high-resolution historical evidence far back in time to understand how an attack started to prevent similar breaches and stop ongoing malicious activity. Monitor exposed attack surfaces within their infrastructure to optimize the effectiveness of the defenses deployed. Evaluate the extent of penetration and impacted assets when attacks occur to prevent malware from spreading. Deploy on-premises, in virtualized data centers, and the public cloud, supporting an organization's evolving deployment preferences without impacting security governance and workflows. Integrate with their security ecosystem through APIs and partnerships with leading vendors such as Splunk, Palo Alto Networks, and AWS. As a result, the effectiveness of customers' existing security tools and the productivity of analysts improve, and they can get ahead of the vicious cycle of both rising costs and rising cyber risk. "NETSCOUT's unique ASI technology allows companies to truly unlock the actionable intelligence embedded in network transactions and packets,Where others have failed, NETSCOUT has made the use of packet data fast and affordable with their patented metadata extraction, intelligent reduction, and indexing. Omnis Cyber Intelligence provides security analysts with the information they need to quickly and accurately assess the scope and scale of an incident and reduce the associated risk and negative impact." Christopher Kissel, research director, security and trust products, IDC "Enterprises have invested heavily in cybersecurity solutions, but they are largely ineffective because they lack the actionable visibility needed to spot attacks before they have broad impact," stated Sanjay Munshi, vice president, product management, NETSCOUT. "As attack surfaces expand, the Omnis Cyber Intelligence solution extends throughout the infrastructure, integrates into existing ecosystems, and becomes part of the growing movement towards XDR, using meaningful metadata, or smart data, and powerful cyber analytics to quickly get to the root cause of the cybersecurity issue and mitigate risk." About NETSCOUT NETSCOUT SYSTEMS, INC. helps assure digital business services against security, availability, and performance disruptions. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility and insights customers need to accelerate and secure their digital transformation. Omnis® Cyber Intelligence delivers the fastest and most scalable network security solution available on the market. NETSCOUT nGenius® service assurance solutions provide real-time, contextual analysis of service, network, and application performance. And Arbor® Smart DDoS Protection by NETSCOUT products help protect against attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets.

Read More

Spotlight

Keeping corporate data secure is a top priority for  any organisation. After all, a data breach can cause significant financial losses, expose executives to legal actions, damage your company's reputation and weaken or eliminate competitive business advantage.