The article discusses the limitations and challenges facing the Common Vulnerabilities and Exposures (CVE) List and the National Vulnerability Database (NVD), which are no longer able to serve as a comprehensive and central source of vulnerability information. MITRE, which oversees the CVE system, struggles to list all new vulnerabilities, while NIST faces difficulties in enriching the NVD with all vulnerabilities due to resource constraints. This issue is exacerbated by the increasing volume and complexity of vulnerabilities, with a reported 20% annual increase in new vulnerabilities. The article highlights the implications of these challenges, including the presence of vulnerabilities without CVE numbers, the potential for false positives and negatives within the system, and the fragmentation of vulnerability information across multiple platforms. The situation calls for improved mechanisms for vulnerability reporting and management, a problem that NIST aims to address by forming a consortium to develop better tools and methods. Despite these efforts, there remains a need for a more unified and efficient approach to vulnerability management to ensure the security of digital infrastructure.

CVE and NVD - A Weak and Fractured Source of Vulnerability Truth SecurityWeek

The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) released a critical report on Microsoft's handling of a significant breach last year, attributed to Chinese nation-state actor Storm-0558. This breach, involving the theft of a Microsoft account signing key, affected 22 customer organizations, including federal government agencies. The CSRB criticized Microsoft for preventable errors, including failure to detect the theft, reliance on the U.S. State Department for its detection, and inadequately updating inaccurate public statements regarding the incident. The report calls for a major overhaul of Microsoft's security culture, highlighting a series of operational and strategic decisions that put enterprise security and risk management at a disadvantage. Despite this, Microsoft has expressed its commitment to adopting a new culture of security through its Secure Future Initiative.

Infosec professionals praise CSRB report on Microsoft breach TechTarget

Surgeons at the Sint-MaartensKliniek in the Netherlands utilized a 3D-printed, patient-specific hip implant from Materialise for a complex case, highlighting a growing trend towards custom medical devices. The use of off-the-shelf implants, which come in generic sizes, often leads to poor outcomes and additional surgeries due to improper fit. The industry has seen a significant increase in demand for custom 3D-printed implants and surgical guides, spurred by advancements in software from companies like Axial3D and Materialise that have reduced the time needed to convert patient scans into accurate 3D models from weeks to a day or less. This shift towards personalization is being driven by the potential for better surgical outcomes, reduced operation times, and quicker recovery periods. Major medical device makers are investing in patient-specific products, with innovations in AI and machine learning streamlining the design process and potentially reducing production times. Despite the advantages, the adoption of patient-specific implants faces challenges, including the need for a robust supply chain and regulatory guidance, with the FDA expected to issue guidelines on in-hospital 3D printing of implants in 2024.

AI-Powered 3D Printing Redefines Implant Surgery Forbes

Walmart is scaling back its expansion plans for its Health Center superstores amid challenges in aligning the growth of its primary care network with market demand. Initially set to open more than 30 locations in 2024, the retail giant now plans to inaugurate 22 health centers, mainly in Texas and the Kansas City metro area, starting this month. Walmart Health, launched in 2019 in Georgia, aims to serve underserved communities with affordable, transparent pricing for a variety of services, including primary and urgent care, labs, and dental. The company's cautious growth approach comes in the context of a broader push by retail companies into the primary healthcare market, seeking to leverage their scale to meet growing demand for accessible healthcare services. Despite this slowdown, Walmart is still pursuing a goal of operating over 75 health centers by early 2025, adjusting its expansion timeline in response to external pressures, like construction resource constraints in Arizona, and reassessing its strategic approach amidst a competitive healthcare landscape dominated by big retail and tech companies.

Walmart decelerates health center expansion plans Healthcare Dive

The article discusses the limitations and challenges facing the Common Vulnerabilities and Exposures (CVE) List and the National Vulnerability Database (NVD), which are no longer able to serve as a comprehensive and central source of vulnerability information. MITRE, which oversees the CVE system, struggles to list all new vulnerabilities, while NIST faces difficulties in enriching the NVD with all vulnerabilities due to resource constraints. This issue is exacerbated by the increasing volume and complexity of vulnerabilities, with a reported 20% annual increase in new vulnerabilities. The article highlights the implications of these challenges, including the presence of vulnerabilities without CVE numbers, the potential for false positives and negatives within the system, and the fragmentation of vulnerability information across multiple platforms. The situation calls for improved mechanisms for vulnerability reporting and management, a problem that NIST aims to address by forming a consortium to develop better tools and methods. Despite these efforts, there remains a need for a more unified and efficient approach to vulnerability management to ensure the security of digital infrastructure.

CVE and NVD - A Weak and Fractured Source of Vulnerability Truth SecurityWeek

The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) released a critical report on Microsoft's handling of a significant breach last year, attributed to Chinese nation-state actor Storm-0558. This breach, involving the theft of a Microsoft account signing key, affected 22 customer organizations, including federal government agencies. The CSRB criticized Microsoft for preventable errors, including failure to detect the theft, reliance on the U.S. State Department for its detection, and inadequately updating inaccurate public statements regarding the incident. The report calls for a major overhaul of Microsoft's security culture, highlighting a series of operational and strategic decisions that put enterprise security and risk management at a disadvantage. Despite this, Microsoft has expressed its commitment to adopting a new culture of security through its Secure Future Initiative.

Infosec professionals praise CSRB report on Microsoft breach TechTarget

Surgeons at the Sint-MaartensKliniek in the Netherlands utilized a 3D-printed, patient-specific hip implant from Materialise for a complex case, highlighting a growing trend towards custom medical devices. The use of off-the-shelf implants, which come in generic sizes, often leads to poor outcomes and additional surgeries due to improper fit. The industry has seen a significant increase in demand for custom 3D-printed implants and surgical guides, spurred by advancements in software from companies like Axial3D and Materialise that have reduced the time needed to convert patient scans into accurate 3D models from weeks to a day or less. This shift towards personalization is being driven by the potential for better surgical outcomes, reduced operation times, and quicker recovery periods. Major medical device makers are investing in patient-specific products, with innovations in AI and machine learning streamlining the design process and potentially reducing production times. Despite the advantages, the adoption of patient-specific implants faces challenges, including the need for a robust supply chain and regulatory guidance, with the FDA expected to issue guidelines on in-hospital 3D printing of implants in 2024.

AI-Powered 3D Printing Redefines Implant Surgery Forbes

Walmart is scaling back its expansion plans for its Health Center superstores amid challenges in aligning the growth of its primary care network with market demand. Initially set to open more than 30 locations in 2024, the retail giant now plans to inaugurate 22 health centers, mainly in Texas and the Kansas City metro area, starting this month. Walmart Health, launched in 2019 in Georgia, aims to serve underserved communities with affordable, transparent pricing for a variety of services, including primary and urgent care, labs, and dental. The company's cautious growth approach comes in the context of a broader push by retail companies into the primary healthcare market, seeking to leverage their scale to meet growing demand for accessible healthcare services. Despite this slowdown, Walmart is still pursuing a goal of operating over 75 health centers by early 2025, adjusting its expansion timeline in response to external pressures, like construction resource constraints in Arizona, and reassessing its strategic approach amidst a competitive healthcare landscape dominated by big retail and tech companies.

Walmart decelerates health center expansion plans Healthcare Dive