A group of suspected Chinese cyber espionage actors, dubbed TEMP.Periscope or Leviathan, has re-emerged, targeting the maritime industry as well as others, according to a report from FireEye. Many of those targeted have connections to the South China Sea.
States will not have the full range of much-needed cybersecurity practices and equipment in place for this year's U.S. midterm elections. But efforts underway might deliver many much-needed improvements in time for the 2020 elections, Homeland Security Secretary Kirstjen Nielsen tells a Senate committee.
Multinational semiconductor maker Advanced Micro Devices has confirmed that there are 13 flaws in some of its chipsets that could be exploited to manipulate chip firmware for malicious purposes. AMD plans to provide fixes in the form of firmware updates that it claims should not affect system performance.
Many medical devices, especially older ones, were not designed with cybersecurity in mind, so healthcare organizations need to take special precautions to reduce risks, says security expert Justine Bone, who describes effective strategies.
A recent alert from the Department of Homeland Security warning of vulnerabilities in certain medical imaging products from GE Healthcare is a reminder to other medical device makers and healthcare entities about the risks posed by hardcoded and default credentials.
To help identify and mitigate the next generation of Spectre and Meltdown speculative execution flaws in CPUs, Microsoft and Intel are offering researchers up to $250,000 if they share their discoveries as part of a coordinated vulnerability disclosure program.
Privacy attorney Kirk Nahra offers an analysis of the New York state attorney general proposing updates to the state's data security laws and issuing a substantial financial penalty in a HIPAA violations case.
President Donald Trump's nominee to head the National Security Agency and U.S. Cyber Command, Lt. Gen. Paul Nakasone, faces two Senate committee hearings as part of his nomination process. He'll face questions on cyber defense, privacy and combating information warfare.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
To keep up with the ever-evolving cyberthreat landscape, healthcare organizations must combine basic security principles with advanced technologies, Kristopher Kusche, CISO at Albany Medical Center, says in an interview at the HIMSS18 conference.
The U.K.'s National Cyber Security Center and Australian Cyber Security Center are using the "Have I Been Pwned" breach-monitoring service to centrally monitor for email addresses registered to government domains that appear in data breaches.
User behavior analytics and data loss prevention tools are among the most promising yet underutilized or improperly implemented security technologies in healthcare, says security consultant Mark Dill, formerly of the Cleveland Clinic, a featured speaker at the HIMSS18 conference.