A hacking incident at a Nebraska-based medical supply company ranks as the second largest business associate health data breach reported so far this year. A log review was the key to detecting the intrusion.
Many recent data breaches, including the Equifax incident, show that "applications are really the vulnerable entry point into organizations and ultimately to organizations' data," says Alex Mosher of CA Technologies.
A former systems administrator who worked at a Pennsylvania clinic group for only about three weeks has been sentenced to 27 months in prison in a case involving wire fraud and hacking computers. The case highlights the importance of managing administrative credentials, especially when employees leave.
For one month, the installer for a widely used, free Windows utility called CCleaner also installed a malicious payload that was designed to allow attackers to push additional malware onto infected PCs, warns Cisco Talos. Developer Piriform, owned by Avast, has released updates that expunge the malware.
In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
Researchers in Australia says they've conquered a thorny problem: how to view information stored on multiple air-gapped networks at the same time without security or usability concerns. They've created a device, called the Cross Domain Desktop Compositor, that's been tested by the Australian Department of Defense.
The arrest of 10 men in Uttar Pradesh for allegedly cloning fingerprints of authorized Aadhaar enrollment officers is once again stirring debate over whether it's wise for India to rely so heavily on Aadhaar for authentication.
In cryptocurrency we trust: The government of North Korea has been turning to bitcoin exchange heists and cryptocurrency mining - potentially using malware installed on other countries' systems - to evade sanctions and fund the regime, security experts say.
The Trump administration is directing U.S. federal executive branch agencies to remove anti-virus software from Russian-owned Kaspersky Lab from their computers within 90 days. Kaspersky denies "inappropriate" ties to Russian government.
An ongoing series of Healthcare Security Readiness workshops reveals some key gaps in how healthcare organizations defend against cybercrime hacking. How should entities assess and mitigate these gaps? David Houlding of Intel shares insights.
A former cybersecurity analytics specialist at health insurer Anthem, which experienced a massive data breach, offers insights on key steps organizations should take to avoid becoming the next breach victim in the headlines.
Equifax has yet to describe how its site was breached, except to blame a vague "U.S. website application vulnerability." But some security experts suspect that an unpatched flaw in Apache Struts, fixed by Apache in March, might have been exploited.
If the Equifax breach turns out like every other massive data breach we've seen for more than a decade, after a big brouhaha - from Congress, state attorneys general, consumer rights groups and class-action lawsuits - nothing will change, because that would require Congress to give Americans more privacy rights.