A set of new requirements proposed by the US Department of Health and Human Services’ (HHS) Office for Civil Rights could bring healthcare organizations up to par with modern cybersecurity practices. The proposal, posted to the Federal Register on Friday, includes requirements for multifactor authentication, data encryption and routine scans for vulnerabilities and breaches. It would also make the use of anti-malware protection mandatory for systems handling sensitive information, along with network segmentation, the implementation of separate controls for data backup and recovery, and yearly audits to check for compliance.

HHS also shared a fact sheet outlining the proposal, which would update the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. A 60-day public comment period is expected to open soon. In a press briefing, US deputy national security advisor for cyber and emerging technology Anne Neuberger said the plan would cost $9 billion in the first year to execute, and $6 billion over the subsequent four years, Reuters reports. The proposal comes in light of a marked increase in large-scale breaches over the past few years. Just this year, the healthcare industry was hit by multiple major cyberattacks, including hacks into Ascension and UnitedHealth systems that caused disruptions at hospitals, doctors’ offices and pharmacies.

“From 2018-2023, reports of large breaches increased by 102 percent, and the number of individuals affected by such breaches increased by 1002 percent, primarily because of increases in hacking and ransomware attacks,” according to the Office for Civil Rights. “In 2023, over 167 million individuals were affected by large breaches — a new record.”

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/healthcare-organizations-in-the-us-may-soon-get-a-cybersecurity-overhaul-220933165.html?src=rss

©

© Pexels/Photo by Pavel Danilyuk

CEO Sundar Pichai reportedly told Google employees that 2025 will be a “critical” year for the company. CNBC reports that it obtained audio from a December 18 strategy meeting where Pichai and other executives put on ugly holiday sweaters and laid out their priorities for the coming year. “I think 2025 will be critical,” Pichai […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Welcome to Indie App Spotlight. This is a weekly 9to5Mac series where we showcase the latest apps in the indie app world. If you’re a developer and would like your app featured, get in contact.

---

Type is a minimalist note taking app for your Mac, allowing you to easily capture notes and keep them organized – all from a simple keyboard shortcut. It’s the best way to jot something down in a pinch, without any of the potential distractions.

more…

Cynthia Erivo teases a new solo number she'll get to belt out as Elphaba in Wicked: For Good.

Apple Card passed its five year anniversary this year, and I’ve recently been thinking about whats next for the credit card. With Apple Card not being super profitable, combined with the fact that Apple wants to grow its services revenue among declining hardware sales, I think it could make a lot of sense for Apple to start offering a higher end credit card.

more…

The US Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) is proposing new cybersecurity requirements for healthcare organizations aimed at protecting patients’ private data in the event of cyberattacks, reports Reuters. The rules come after major cyberattacks like one that leaked the private information of more than 100 million UnitedHealth patients earlier this year.

The OCR’s proposal includes requiring that healthcare organizations make multifactor authentication mandatory in most situations, that they segment their networks to reduce risks of intrusions spreading from one system to another, and that they encrypt patient data so that even if it’s stolen, it can’t be accessed. It would also direct regulated groups to undertake certain risk analysis practices, keep compliance documentation, and more.

The rule is part of the cybersecurity strategy that the Biden administration announced last year. Once finalized, it would update the Security Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which regulates doctors, nursing homes, health insurance companies, and more, and was last updated in 2013.

US deputy national security advisor Anne Neuberger put the cost of implementing the requirements at “an estimated $9 billion in the first year, and $6 billion in years two through five,” writes Reuters. The proposal is due to be published in the Federal Register on January 6th, which will kick off the 60-day public comment period before the final rule is set.

Apple initially introduced the HomePod mini in 2020 alongside the iPhone 12 lineup, and since then, the product has remained mostly untouched. Apple added some new color options in 2021, including blue, orange, and yellow. The company also replaced Space Gray with Midnight this year, which looks the same – except its now 100% recycled mesh fabric.

However, for the first time in half a decade, Apple will finally be updating the HomePod mini, with a couple of enhancements.

more…

NASA said on Friday that it received a signal from the Parker Solar Probe confirming that the spacecraft had survived its closest ever flyby of the sun. The approach took it just 3.8 million miles from the surface, passing within the sun’s corona and allowing for unprecedented data collection in the vicinity of a star. A few million miles might seem like a pretty great distance, but to put things in perspective, NASA explains, “If the solar system was scaled down with the distance between the sun and Earth the length of a football field, Parker Solar Probe would be just four yards from the end zone.”

The probe’s current orbit takes it closest to the sun about every three months. It’ll swing back around for two more close flybys in 2025, on March 22 and June 19. The probe is expected to transmit the data from its latest close approach soon, once it’s in a better location to do so. “The data that will come down from the spacecraft will be fresh information about a place that we, as humanity, have never been,” said Joe Westlake, the director of the Heliophysics Division at NASA Headquarters. “It’s an amazing accomplishment.”

This article originally appeared on Engadget at https://www.engadget.com/science/space/parker-solar-probe-survived-its-close-approach-to-the-sun-and-will-make-two-more-in-2025-180350510.html?src=rss

©

© NASA/Johns Hopkins APL/Ben Smith

This year brought plenty of video games to the small and big screen. How bright is the future for game adaptations in the years to come?

According to Bloomberg, Apple is working on a second generation version of its popular and affordable item tracker, the , which initially debuted in 2021. Here’s everything what we’re expecting Apple to deliver with AirTag 2.

more…

Attorneys representing President-elect Donald Trump have asked the Supreme Court to pause a law that would force TikTok-owner ByteDance to sell the short-form video app or see it banned from the United States. If the app isn’t sold, the ban is set to take effect in just a few weeks, on January 19. ByteDance is […]

© 2024 TechCrunch. All rights reserved. For personal use only.

If you’re somebody who likes to clean and declutter in preparation for a new year, one way to speed it up is by investing in a good robot vacuum. The SwitchBot S10 is one of our favorite vacuums that also happens to be a terrific mop, too, and is currently down to its all-time low price of $699.99 ($500 off) when you clip the on-page coupon at Amazon. It’s also available for the same price directly from SwitchBot when you apply the promo code BFCM500A.

Of all the robot vacuums we’ve ever tested, the SwitchBot S10 offers the most hands-free experience, so you really can set it and forget it. The self-cleaning roller mop does an excellent job of polishing up your floors, and is even capable of lifting itself up to keep carpets dry. What’s more, the Switch S10 comes with an auto-empty dock as well as a separate battery-powered dock water station, which means the bot can empty and refill its own water tank. Just bear in mind you’ll have to hook it into your water supply.

Aside from offering a fantastic mopping and hands-free experience, the SwitchBot S10 is also a good vacuum with 6,500Pa suction power and decent AI-powered obstacle avoidance, although it admittedly can’t rival specs from competitors like Roborock, Dreame, and Ecovacs. That said, the SwitchBot S10 costs about $1,000 less, and for the price it does a great job of leaving the floor mostly spotless.

Read our SwitchBot S10 review.

Some more deals to kickstart your weekend

• The Mobvoi Home Walking Treadmill is on sale for $79.99 ($160 off) at Amazon, which is an all-time low price. The under-desk walking treadmill supports Bluetooth and can connect to Android smartwatches, allowing you to keep tabs on your steps and other metrics from your wrist. That said, it works best if you own a Mobvoi smartwatch, given you’ll need the Mobvoi Health app if you want to save your data on your phone. Read our review.
• Sennheiser’s Momentum 4 Wireless headphones are on sale for $199.99 ($200 off) at Amazon, which is their best price to date. The over-ears headphones deliver impressive battery life and can last a whopping 60 hours on a single charge, which is why they’re amongst our favorites. They also offer other impressive capabilities, including excellent noise cancellation, comfort, and sound. Read our review.
• The Twelve South AirFly Pro is on sale for $39.99 ($15 off) at Amazon and Best Buy, which is its second best price to date. The Bluetooth transmitter features an integrated 3.5mm cable, allowing you to pair two sets of wireless Bluetooth-equipped wireless headphones or earbuds to in-flight entertainment systems. It works with other tech as well, like treadmills and the Nintendo Switch, while offering an an aux input for older devices.

Some three months after launch, the “middle-child” Pixel 9 Pro has evolved into a polished, poised, Pixel. Here’s what it’s like to live with and whether it’s the best buy in the latest lineup.

more…

Rumors about foldable iPhones have circulated for many years, but recent reports have suggested that Apple is finally getting closer to announcing its new product. Apple is reportedly working on two foldable products, a clamshell foldable iPhone and a giant 20-inch foldable iPad, but the foldable iPhone is on track to debut first.

more…

Early testing demonstrates results that could be disastrous for patients.

CES kicks off January 7. The annual Las Vegas event sets the tone of the year’s consumer electronics and automotive industries. As always, TechCrunch will be there, sniffing stories from the most exciting startups and tech giants. If you really want a piece of the action without paying for the hotel and flight, many of […]

© 2024 TechCrunch. All rights reserved. For personal use only.

There are a number of iPad apps that can help you explore and express your creativity. Although the iPad started off as a simple device that could be used to stream content or browse the web on the go, Apple has essentially turned its iPads into powerful machines that can be used to do things […]

© 2024 TechCrunch. All rights reserved. For personal use only.

A cyberattack campaign inserted malicious code into multiple Chrome browser extensions as far back as mid-December, Reuters reported yesterday. The code appeared designed to steal browser cookies and authentication sessions, targeting “specific social media advertising and AI platforms,” according to a blog post from Cyberhaven, one of the companies that was targeted.

Cyberhaven blames a phishing email for the attack, writing in a separate technical analysis post that the code appeared to specifically target Facebook Ads accounts. According to Reuters, security researcher Jaime Blasco believes the attack was “just random” and not targeting Cyberhaven specifically. He posted on X that he’d found VPN and AI extensions that contained the same malicious code that was inserted into Cyberhaven.

Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes.

Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET. Cyberhaven says it discovered the code on December 25th at 6:54PM ET and removed it within an hour, but that the code was active until December 25th at 9:50PM ET. The company says it released a clean version in its 24.10.5 update.

Cyberhaven’s recommendations for companies that may be affected include that they check their logs for suspicious activity and revoke or rotate any passwords not using the FIDO2 multifactor authentication standard. Prior to publishing its posts, the company notified customers via an email that TechCrunch reported Friday morning.

Former employees think altering an episode focusing on a transgender character may pave the way for more creative stifling at Disney.

"Despicable" people smugglers who are "exploiting vulnerable people" through social media face severe penalties, the Home Office has warned.