Hello world,
Today’s Paubox Weekly is 543 words, a 2-minute read.
Google has patched a zero-day vulnerability in its Chrome browser that would have allowed attackers to execute malicious code on users' devices.
The bottom line: While Google has patched the reported vulnerabilities, users must promptly update their Chrome browsers to the latest version to mitigate the security risk.
The fifth time this year already
The Paubox Zoom social mixer for May 2024 was a roundtable discussion covering topics like ransomware, new cybersecurity threats, and DMARC best practices.
What was said: The mixer began with a harrowing tale of a nurse who downloaded a legal document that contained Gootloader - pre-ransomware designed to prepare a computer system for a future ransomware attack.
A joint cybersecurity advisory released by the NSA and FBI includes their recommended DMARC security policies.
The big picture: A DMARC policy is a security measure for email that helps prevent fraud and phishing. It ensures that emails claiming to come from your domain are genuinely sent from your domain.
The bare minimum recommended by the NSA
The HHS recently finalized anti-discrimination regulations addressing patient care decision support tools, including clinical algorithms and AI.
What's new: The regulations place clear obligations on covered entities to proactively address the potential for discrimination within their patient care decision support tools.
A one-year compliance timeline
Ascension Health experienced a cyberattack in May that disrupted operations and patient care and may have affected 13.4 million customers.
What was said: A provider at Ascension Health told Fox Business that their “teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible.”
The average cost of a cyberattack has risen to $4.45 million
CISA and the FBI reported that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024, encrypting and stealing data from at least 12 critical infrastructure sectors.
Why it matters: Healthcare organizations, in particular, are urged to apply the recommended mitigations due to their attractiveness to cybercriminals and the potential for significant disruptions to patient care.
Linked to the attack that hit Ascension Health