Security news aggregator

Latest coverage for Admission

The Admission tag covers security disclosures and statements that clarify how breaches or unauthorized access occurred.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Admission is the decision to allow or deny a user, device, application, or service access to a resource. In information security, it usually combines authentication—checking who or what is requesting access—with authorization—determining which actions and resources are permitted. The term can also describe network or application admission controls that assess a device’s identity, configuration, or security state before allowing it to connect.

Weak admission controls can expose systems through stolen credentials, missing multi-factor authentication, misconfigured access-control lists, or roles that grant more privilege than necessary. Effective controls apply least privilege, restrict access by context where appropriate, and review permissions as people, devices, and services change. Recording both successful and rejected admission decisions supports detection and investigation of suspicious access, while periodic testing helps identify bypasses and unsafe defaults.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view

Epic v. Health Gorilla Lawsuit Spurs New Claims Over Alleged Patient Records MisuseA telehealth firm has admitted that it gained access to patient medical records via a health information exchange network under the guise of treatment purposes when it actually provided the records to law firms. But the legal dispute involving Epic and Health Gorilla is growing more complicated.

Bank Info Security 11 months, 2 weeks ago

2 Law Group Data Theft Hacks Affect 282,100 Patients

Firm Admits Paying Ransom in Exchange of Hacker's Promise to Delete Stolen InfoTwo Florida-based law firms with offices in other states are notifying 282,100 people whose healthcare and other information was potentially compromised in separate data theft incidents. One of the firms admitted to paying a ransom to prevent its data from being leaked on the dark web.

Bank Info Security 1 year, 1 month ago

Breach Roundup: Ukraine Hacks Russian Warplane Maker

Also, Crypter Takedown, Threat Intel Naming Accord and Regulators Ping CrowdStrikeThis week, Ukraine hacked Tupelov, Russian hacking, crypter sites seized and the U.S. will seize North Korean IT worker crypto. Regulators probed CrowdStrike. A Rosetta Stone for intel. A Romanian man admitted to swatting, Lee Enterprises hack exposed data and an FBI vet joined the private sector.

Bank Info Security 1 year, 1 month ago

RobbinHood Ransomware Hacker Pleads Guilty in US Court

A RobbinHood Attack Against Baltimore Cost City $19 MillionAn Iranian national behind a spate of ransomware attacks against U.S. municipalities including an attack that cost the city of Baltimore $19 million to rectify pleaded guilty in U.S. federal court Tuesday afternoon. Sina Gholinejad, 37, admitted to deploying Robinhood ransomware.

Bank Info Security 1 year, 8 months ago

Sophos Discloses Half Decade of Sustained Chinese Attack

Volt Typhoon, APT31, APT41 Targeted Sophos Edge DevicesFirewall maker Sophos disclosed Thursday a half-decade worth of efforts by multiple nation-state Chinese hacking groups to infiltrate its appliances, calling the admission a wake-up call for the cybersecurity industry. Targeting firewall appliances is a known nation state tactic as hackers

Bank Info Security 2 years, 2 months ago

Change Health Attack: Details Emerge; Breach Will Top Record

Experts Advise Health Sector to Take Steps as UnitedHealth Group Cleans Up MessUnitedHealth Group's admission that information for "a substantial portion" of the American population was compromised in its Change Healthcare cyberattack sets into motion the likelihood the incident will become the largest health data breach ever reported in U.S. What other details are emerging?

Bank Info Security 2 years, 2 months ago

Company Says Change Healthcare Hackers Stole Sensitive Data

UnitedHealth Group Makes Low Key Admission in Online FAQUnitedHealthGroup said for the first time that hackers behind a February ransomware attack against Change Healthcare breached sensitive health information, an admission that triggers a regulatory countdown clock for public disclosures and individual notification.

Bank Info Security 2 years, 3 months ago

UnitedHealth Admits Patient Data Was 'Taken' in Mega Attack

US Government Offers $10M Bounty to Track Down Leadership of BlackCat Crime GroupUnitedHealth Group has admitted data was "taken" in the cyberattack on Change Healthcare and has just started analyzing the types of personal, financial and health information potentially compromised. The U.S. is offering a $10 million bounty for BlackCat, which claims to have launched the attack.

Bank Info Security 2 years, 5 months ago

Ransomware Disrupts Hospital Services in Romania and France

Emergency Services Are Suspended as Digital Systems Are Pulled OfflineRansomware operators disrupted emergency healthcare services over the weekend, crippling operations in nearly two dozen hospitals in Romania and France. Ransomware attacks increase the in-hospital mortality rate for already-admitted patients, a recent study concluded.

Bank Info Security 2 years, 6 months ago

BreachForums Boss Jailed for Violating Release Requirements

Conor Fitzgerald Allegedly Violated Computer Monitoring Requirement, VPN BanThe FBI arrested Conor Fitzgerald, the admitted administrator of the notorious, now-defunct BreachForums data breach forum and marketplace, for violating the conditions of his presentencing release, after he allegedly used VPN software and evaded mandatory monitoring of his computers.

Bank Info Security 2 years, 8 months ago

Security Firm COO Hacked Hospitals to Drum Up Business

Atlanta Man Pleads Guilty, Is Ordered to Pay $818,000 Restitution, May Avoid PrisonThe chief operating officer of an Atlanta-based cybersecurity firm has pleaded guilty and agreed to pay restitution of more than $818,000 in a federal criminal case in which he admitted hacking a Georgia medical center in 2018 in an effort to drum up business for his company.