The National Institute of Standards and Technology (NIST) has updated its healthcare cybersecurity guidance, with a greater emphasis on risk management and enterprise risk management concepts. The guidance aims to inform the industry about security issues related to electronic protected health information (ePHI), within the context of the HIPAA Security Rule. It also addresses the challenges posed by telehealth, telemedicine, cloud services, and mobile device technology. The guidance includes resources to help healthcare organizations protect ePHI from ransomware and phishing. The US Department of Health and Human Services has observed an increase in cyberattacks on healthcare organizations.
IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
A security assessment by Shelltrail revealed three critical vulnerabilities in the IXON VPN client, allowing privilege escalation on Windows and Linux. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02,
%20CISO%E2%80%99s%20Core%20Focus.webp?w=0&resize=0,0&ssl=1 "Identity and Access Management (IAM)")