The FDA's procedures for handling cybersecurity concerns in medical devices once they are on the market are deficient, according to a new federal watchdog agency report. But since that audit was conducted, the FDA has been aggressively ramping up its activities around device cybersecurity.
HSBC Bank is warning some of its U.S. customers that their personal data was compromised in a breach, although it says it's detected no signs of fraud following the "unauthorized entry." Security experts say the heist has all the hallmarks of a credential-stuffing attack campaign.
The challenge when designing technology for critical national infrastructure sectors is that it must be securable today and remain resilient to cyberattacks for decades to come, says cybersecurity Professor Prashant Pillai.
Many of the devices that go into so-called smart cities and buildings are not built to be secure, making it difficult for security operations centers to manage risk, warns Sarb Sembhi, CTO and CISO of Virtually Informed, who describes what needs to change.
Georgia quietly fixed two flaws in its voter registration website that could have exposed personal information. How the secretary of state's office discovered the flaws and reacted suggests it may have erred when making a sensational accusation against the Democrats on the eve of the U.S. midterm elections.
As ransomware and other cyberattacks continues to proliferate, organizations must improve vendor risk management so they have a plan in place in case a business associate falls victim, says Mitch Parker, CISO of Indiana University Health System, who will speak at ISMG's Healthcare Security Summit in New York.
With the U.S. midterm elections occurring on Tuesday, the "trump" keyword remains king for spammers. "Spam campaigners understand the value of brands, and for spam as for ballots, and whether for or against, the election is all about Trump," security firm Proofpoint says.
Months after the New Jersey attorney general's office smacked a medical practice with a hefty penalty for a 2016 breach, the office has signed a $200,000 settlement with the group's business associate that was responsible for the incident and banned its owner from managing or owning a business in the state.
Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack. Insurance firm Beazley says cyber claims for ransomware have increased in recent months, with the healthcare sector hardest hit.
Australia's largest defense exporter says it hasn't responded to an extortion attempt after ship design schematics were stolen by a hacker. Austal says the material is neither sensitive nor classified.
An Iowa eye clinic and its affiliated surgery center recently recovered from a ransomware attack on their common systems within one day and without paying a ransom. This case offers important reminders to other healthcare entities and their vendors about advance planning.
Radisson Hotel Group has suffered a data breach that resulted in the theft of data for its global loyalty program members. The company, which operates 1,400 hotels, says the breach touched data for "less than 10 percent" of all Radisson Rewards members, but it hasn't released a victim count.
After an initial effort got off to a rocky start, the Department of Health and Human Services has started over, making a second attempt at launching a cyber coordination center that aims to help the healthcare sector improve its defenses and boost information sharing. Will the latest effort prove successful?
Private sector organizations in Canada must now report all serious data breaches to the country's privacy watchdog as a result of new provisions in Canada's PIPEDA privacy law. Violators face fines of up to $100,000 for every breach victim they fail to notify or breach they attempt to hide.
We know that cybercriminals and even nation-states are taking advantage of the clues we leave behind in our digital footprints. How can investigators and researchers take advantage of this same open source intelligence? Former RAF investigator John Walker discusses the perils and promise of OSINT.