EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms

New research into the security posture of Europe’s top pharmaceutical giants has revealed concerning levels of vulnerabilities and weak spots in web applications. 

On Thursday, Outpost24 published new research that claims the top 10 pharmaceutical countries in the region are all failing to maintain a robust security posture — with 80% considered to be “critically exposed” to the risk of cyberattacks. 

According to the report, Outpost24’s “2021 Web Application Security for Healthcare,” EU pharmaceutical businesses often run large numbers of web applications and 3.3% of those scanned by the firm are deemed “suspicious,” including open test environments that should have been closed. 

In addition, 18% of organizations analyzed are using outdated, unpatched web components that contain known vulnerabilities. US healthcare organizations have roughly the same amount of suspicious apps in operation but tend to run far fewer apps on the whole — however, 23.74% of them are outdated.

Outpost24

Over 200 EU pharmaceutical application forms noted in the report are operating without encryption, which puts users at risk of both the interception and theft of their information online. 

Outpost24 said that basic SSL failures, privacy policy misconfigurations, and cookie settings also feature as common security and compliance problems. 

The damage a

Read More: https://www.zdnet.com/article/eu-pharmaceutical-giants-run-old-vulnerable-apps-and-fail-to-use-encryption-in-login-forms/#ftag=RSSbaffb68