A recent breach reported by University of Iowa Health Care illustrates the need to carefully guard against exposure of sensitive data on the internet, especially during software development projects.
A senior Russian government official warned that Moscow will retaliate if the Senate moves to ban the use of Kaspersky Lab software by government agencies. Meanwhile, CEO Eugene Kaspersky has repeated his offer to allow U.S. officials to review the company's source code.
Flaws in Subaru's telematics software, discovered by a security researcher, could have been exploited to unlock the doors or provide remote access to a car's location history. The problems - now fixed by Subaru - underscore carmakers' ongoing cybersecurity challenges.
Hot sessions at this week's OWASP AppSec Europe 2017 conference in Belfast, Northern Ireland, cover everything from the EU's General Data Protection Regulation and fostering better SecDevOps uptake, to quantum-computing resistant crypto and ransomware economics.
A recent patient portal security mishap at a Texas-based cancer testing laboratory is the latest reminder of the need to safeguard sensitive health information on web-based applications and websites.
Under the Trump administration, will the ongoing ramping up of HIPAA enforcement continue? And what other action can we expect on health data privacy and security issues?
As ransomware attackers continue to hone their craft, defense also is evolving. Con Mallon of CrowdStrike discusses what to do - and what not to do - when your organization is struck by ransomware.
Warning: Drop everything and patch all the Windows things now. That's the alert being sounded by security researchers in the wake of attackers adopting Equation Group attack tools designed to exploit an SMB flaw and install DoublePulsar backdoor.
Leading the latest version of the ISMG Security Report: A tale of how a dedicated manager spent her weekends monitoring video of ATMs led to the capture of a criminal skimmer. Also, the growing sophistication of cybercriminals.
The recent fix for a zero-day flaw in Microsoft Office appeared more than five months after Microsoft was privately alerted to the flaw, and followed months of it being exploited via in-the-wild attacks. Can Microsoft do better?
WikiLeaks has released a second batch of CIA attack tools, dubbed Dark Matter, which includes malware designed to exploit Mac OS X and iOS devices. But Apple contends the attacks target vulnerabilities in its software that have long been patched, so users are not at risk.
McDonald's home food delivery app in India leaked sensitive personal information relating to 2.2 million users. But the restaurant giant only addressed the insecure API after a researcher went public one month after informing McDonald's about the problem.
A federal watchdog agency review of the Massachusetts Medicaid information security program identified weaknesses that appear to be common at government agencies as well as healthcare organizations. What key vulnerabilities were identified?
Canadian authorities narrowly escaped a data breach by stopping an intrusion at the country's statistics agency. The cyberattack used a zero-day vulnerability in Apache Struts 2, which has now been patched.
A groundbreaking study from RAND Corporation quantifies the stakes around how zero-day software vulnerabilities get discovered and persist, bringing hard facts to bear on related - and contentious - debates surrounding vulnerability disclosure and public safety.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.