CareFirst BlueCross BlueShield is the latest health insurer to be targeted by a sophisticated hacking attack. It recently discovered that an intrusion into a database in June 2014 resulted in a breach affecting 1.1 million individuals.
"Millions" of devices from numerous router manufacturers appear to use a third-party software component called NetUSB, which can be exploited to bypass authentication checks and remotely take control of the devices, security researchers warn.
Numerous websites, mail servers and other services - including virtual private networks as well as "all modern browsers" - have a 20-year-old flaw that could be exploited by an attacker, computer scientists warn.
Dick Williams, CEO of digital security firm Webroot, says the cybersecurity profession needs more than just technical experts. Learn why he says firms will seek out those who can understand the behaviors of cyber-attackers.
Unlike previous presidential campaigns, cybersecurity will be raised by candidates on the hustings, although the issue likely won't play a big role in determining the election. Two GOP candidates - Marco Rubio and Rand Paul - already have broached the topic.
A Food and Drug Administration warning regarding security vulnerabilities found in certain infusion pumps of one vendor will likely be followed by cybersecurity alerts about flaws in medical devices from other manufacturers.
Visa has agreed to increase the reimbursement paid to banking institutions that must reissue cards in the wake of a merchant breach. Now the smaller card issuers, such as community banks, are getting paid the most.
An army of 40,000 small office/home office routers have been exploited by automated malware. But who's responsible for devices being vulnerable: vendors for using well-known defaults; or distributors and IT managers for not locking them down?
Although the 2015 Healthcare Information Security Today survey shows improving regulatory compliance is priority No. 1, CISO Cris Ewell of Seattle Children's Hospital suggests building a strong information security program should be a higher priority.