The HHS Office of Inspector General (OIG) has called for the Office for Civil Rights (OCR) to expand its HIPAA audit program and define audit effectiveness metrics following a rise in healthcare cyberattacks and data breaches. An OIG audit discovered OCR fulfilled its duties to perform periodic audits for HIPAA compliance, but did not include many of the necessary safeguards, and did not require audited entities to take corrective action. OCR was in agreement with most recommendations but cited a need for increased funding and staffing resources.
IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
A security assessment by Shelltrail revealed three critical vulnerabilities in the IXON VPN client, allowing privilege escalation on Windows and Linux. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02,
%20CISO%E2%80%99s%20Core%20Focus.webp?w=0&resize=0,0&ssl=1 "Identity and Access Management (IAM)")