Healthcare

VMware recently patched a critical authentication bypass vulnerability in their VMware Workspace ONE Access, Identity Manager and vRealize Automation products (CVE-2022-22972). This vulnerability allows an attacker to login as any known local user.

Podcast Channel of AST Cybersecurity: 05/25/22. Horizon3.ai CEO and co-founder Snehal Antani joins Ravi Das to discuss the cybersecurity challenges of the healthcare industry.

Teaching hospital insisted on false positive when NodeZero exploited a critical but year-old vulnerability in under one day, but...

It isn’t enough to have to have the security solution. A medical clinic with over 120 providers used best-in-class endpoint detection and response (EDR) software. Nevertheless, NodeZero quickly identified a device’s Local Security Authority Subsystem Service Process (LSASS), dump and cracked user credentials, moved laterally, and gained Windows Domain Administrator privileges. The result: full domain…

Which is more valuable to you; the ability to identify a problem, or the ability to solve the problem? There is a plethora of vulnerability scanning tools that do a decent job identifying vulnerabilities. Unfortunately, those tools rarely discern the possible from the exploitable.