The Department of Homeland Security has issued two more alerts about cyber vulnerabilities in certain medical devices. The stream of recent advisories is helping to draw more attention to the importance of addressing device security. But healthcare providers face the challenge of tracking and mitigating all risks.
What impact will an appellate court's ruling Wednesday that vacated the Federal Trade Commission's data security enforcement action against LabMD have on the agency's long-term enforcement activities? Regulatory experts are weighing in.
LabMD, a now-defunct cancer testing laboratory, has won a major victory in its longstanding legal dispute with the Federal Trade Commission. A U.S. Court of Appeals on Wednesday vacated an FTC enforcement action against the lab in a data security dispute dating back to 2013.
RSA's most recent Quarterly Fraud Report shows that "newsjacking" is increasingly empowering phishing attacks, says Angel Grant, RSA's director of identity fraud and risk intelligence. The report also shows a continuing surge in mobile app fraud.
Large data breaches make headlines, trigger stock price slips and often lead to executives getting fired. But security consultant Eric Pinkerton's study of breached businesses - including Ashley Madison, Equifax and Uber - finds that many organizations not only recover from breaches, but end up thriving.
Russian software firm Kaspersky Lab has been dealt a setback in its effort to overcome the U.S. government's ban on use of the firm's anti-virus software on federal systems. A judge has dismissed the firm's two lawsuits seeking to have the ban lifted.
A mental healthcare practice's decision to pay a ransom to have sensitive patient data unlocked illustrates the difficult choices that organizations can face when attempting to recover from a ransomware attack.
How much progress has the healthcare sector made in the last 10 years addressing medical device cybersecurity issues? And what action is still needed? Ben Ransford, a principal researcher in a groundbreaking 2008 report about cardiac device cyber risks, offers his assessment.
A swift FBI sinkhole blunted an apparently imminent attack against Ukraine via "VPN Filter" malware, which has infected more than 500,000 routers. But mass router compromises will continue so long as manufacturers fail to build in easy or automated patching and updating, security experts warn.
At least 500,000 routers, mostly located in Ukraine, have been infected with "VPN Filter" malware that experts believe is a prelude to a massive cyberattack. But the FBI has sinkholed the control domain for the router botnet, which should help contain the potential damage.
Universities throughout Florida are adding more cybersecurity courses in an effort to better train the next generation of practitioners, says Ernie Ferraresso of the Florida Center for Cybersecurity, which recently provided a second round of funding for the effort.
Researchers have discovered two new Spectre/Meltdown variants: variant 3a, a rogue system register read, and variant 4, a speculative store bypass. Some AMD, ARM, Intel and IBM Power chips have the flaws, which attackers could exploit to steal sensitive data. Some fixes have already been shipped.