https://www.zdnet.com/article/eu-pharmaceutical-giants-run-old-vulnerable-apps-and-fail-to-use-encryption-in-login-forms/ Search What are you looking for? [ ] Go * Windows 11 * 5G * Best VPNs * Cloud * Security * AI * ZDNet Recommends * more + Innovation + Working from Home + Best Web Hosting + Tonya Hall Show + Executive Guides + ZDNet Academy + See All Topics + Downloads + Reviews + Galleries + Videos * Edition: + Asia + Australia + Europe + India + United Kingdom + United States + + ZDNet around the globe: + ZDNet France + ZDNet Germany + ZDNet Korea + ZDNet Japan * Newsletters * All Writers * + Preferences + Community + Newsletters + Log Out * * + What are you looking for? [ ] Go * Menu + Windows 11 + 5G + Best VPNs + Cloud + Security + AI + ZDNet Recommends + Innovation + Working from Home + Best Web Hosting + Tonya Hall Show + Executive Guides + ZDNet Academy + See All Topics + Downloads + Reviews + Galleries + Videos * us + Asia + Australia + Europe + India + United Kingdom + United States + + ZDNet around the globe: + ZDNet France + ZDNet Germany + ZDNet Korea + ZDNet Japan * * + o Preferences o Community o Newsletters o Log Out EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms New research highlights hundreds of companies that are at risk of cyberattacks. * * * * * * * * Charlie Osborne By Charlie Osborne for Zero Day | November 11, 2021 | Topic: Security New research into the security posture of Europe's top pharmaceutical giants has revealed concerning levels of vulnerabilities and weak spots in web applications. Security * Exchange Server bug: Patch immediately, warns Microsoft * Average ransomware payment for US victims more than $6 million * Microsoft Patch Tuesday: 55 bugs squashed, two under active exploit * Suspected REvil ransomware affiliates arrested * The best phishing target? Your smartphone * Why you need this $29 security key On Thursday, Outpost24 published new research that claims the top 10 pharmaceutical countries in the region are all failing to maintain a robust security posture -- with 80% considered to be "critically exposed" to the risk of cyberattacks. According to the report, Outpost24's "2021 Web Application Security for Healthcare," EU pharmaceutical businesses often run large numbers of web applications and 3.3% of those scanned by the firm are deemed "suspicious," including open test environments that should have been closed. In addition, 18% of organizations analyzed are using outdated, unpatched web components that contain known vulnerabilities. US healthcare organizations have roughly the same amount of suspicious apps in operation but tend to run far fewer apps on the whole -- however, 23.74% of them are outdated. screenshot-2021-11-10-at-11-04-34.png screenshot-2021-11-10-at-11-04-34.png Outpost24 Over 200 EU pharmaceutical application forms noted in the report are operating without encryption, which puts users at risk of both the interception and theft of their information online. Outpost24 said that basic SSL failures, privacy policy misconfigurations, and cookie settings also feature as common security and compliance problems. The damage a cyberattack can cause a healthcare or pharmaceutical company can be severe. The COVID-19 pandemic put a target on the back of many of these organizations, with an Oxford University lab with COVID-19 research links and the UK Research and Innovation organization being only two examples of recent victims of incidents leading to data theft and disruption. "As the attack surface and trade secrets that pharmaceutical organizations process become more pertinent, it will give threat actors more reasons and motivations to step up malicious attacks for profit and put public health at risk," commented Nicolas Renard, Outpost24 security researcher. Previous and related coverage * Managing AI and data science: Practical lessons from big pharma * Pharma companies are counting on cloud computing and AI to make drug development faster and cheaper * AI makes inroads in life sciences in small but significant ways: Lantern Pharma's quest --------------------------------------------------------------------- Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 --------------------------------------------------------------------- Security TV | Data Management | CXO | Data Centers Show Comments LOG IN TO COMMENT * My Profile * Log Out | Community Guidelines Join Discussion Add Your Comment Add Your Comment Related * * * * * * [][zdnet] US indicts UK resident 'PlugwalkJoe' for cryptocurrency theft * [][zdnet] These websites have let their users down the most this year * [][zdnet] Medical school exposes personal data of thousands of students * [][zdnet] North Korean hackers target the South's think tanks through blog posts * [][zdnet] Ransomware experts question massive Pysa/Mespinoza victim dump * [][zdnet] Singapore embraces Zero Trust: A prediction comes true * [][zdnet] Best mini fridge 2021: Compact cooling for home or dorm * [][zdnet] The best meal kit delivery service 2021 * [][zdnet] Best laptop 2021: Mac, PC, and Chromebook compared Please review our terms of service to complete your newsletter subscription. [ ] You agree to receive updates, promotions, and alerts from ZDNet.com. You may unsubscribe at any time. By joining ZDNet, you agree to our Terms of Use and Privacy Policy. [ ] You agree to receive updates, promotions, and alerts from ZDNet.com. You may unsubscribe at any time. By signing up, you agree to receive the selected newsletter(s) which you may unsubscribe from at any time. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy. Continue Newsletters See All See All ZDNet Connect with us (c) 2021 ZDNET, A RED VENTURES COMPANY. ALL RIGHTS RESERVED. Privacy Policy | Cookie Settings | Advertise | Terms of Use * Topics * Galleries * Videos * Sponsored Narratives * Do Not Sell My Information * About ZDNet * Meet The Team * All Authors * RSS Feeds * Site Map * Reprint Policy * Manage | Log Out * Join | Log In * Membership * Newsletters * Site Assistance * ZDNet Academy