A ransomware attack on a Texas urology practice that potentially affects nearly 280,000 patients ranks as one of the largest health data breaches reported to federal regulators this year.
Following last week's Westminster attack in London, British Home Secretary Amber Rudd is demanding that police and intelligence agencies be given on-demand access to end-to-end encrypted communications services such as WhatsApp.
WikiLeaks has released a second batch of CIA attack tools, dubbed Dark Matter, which includes malware designed to exploit Mac OS X and iOS devices. But Apple contends the attacks target vulnerabilities in its software that have long been patched, so users are not at risk.
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
The U.S. Justice Department is reportedly preparing to charge multiple "Chinese middlemen" with helping to orchestrate the $81 million Bangladesh Bank heist on behalf of North Korea. Security experts have long been reporting that the attack code and tactics appear to trace to North Korea.
Under HIPAA, the theft or loss of encrypted computing or storage devices is not considered a reportable data breach. But a recent incident at a Kentucky-based healthcare organization demonstrates that making a determination on whether an incident is a reportable breach isn't always clear-cut.
Password manager LastPass has deployed a server-side fix to repair a vulnerability that could have allowed an attacker to steal a victim's passwords. It's the latest finding from Tavis Ormandy of Google's Project Zero, who's since reported another flaw in LastPass.
RBI has mandated that all banks migrate to Aadhaar-based biometric authentication for electronic payment transactions by June 30. But some information security experts question whether the the technology can handle the potential volume of transactions.
A man who allegedly used a smartphone with a Tor proxy and VPN client to hide his online activities has been arrested and charged with narcotics distribution after U.S. Postal Service employees spotted him mailing large numbers of envelopes while wearing latex gloves.
One of the world's biggest botnets, Necurs, is back. But instead of flinging banking Trojans and ransomware, this time it's spouting spam aimed at influencing the price of cheap stocks, say security researchers from Cisco's Talos group.
Organizations are shifting from an IT-driven to a business-driven approach to information security, with a focus on minimizing business disruption, says Kartik Shahani of RSA.
A recent study by Forrester Research unveils a direct correlation between data breaches and organizations' IAM immaturity. What needs to change? Corey Williams of Centrify offers strategic advice.
As WikiLeaks reaches out to firms about code targeted via CIA attack tools contained in the "Vault 7" document dump, Cisco says its review of the leaked information led to the discovery of a zero-day flaw that affects 318 of its devices, including numerous switches.
Some medical devices, smartphones and internet of things gadgets contain certain types of sensors that are vulnerable to potential hacking using sound waves, says cybersecurity researcher Kevin Fu, who calls on manufacturers to address the risks.
McDonald's home food delivery app in India leaked sensitive personal information relating to 2.2 million users. But the restaurant giant only addressed the insecure API after a researcher went public one month after informing McDonald's about the problem.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.