Recent data breaches involving mental health and substance abuse information highlight some of the special challenges that organizations can face in protecting extra-sensitive patient records. In one incident, stolen patient data was reportedly posted on the dark web.
Two men allegedly tied to the hacking group "Crackas With Attitude" have been arrested as part of an investigation into hacks of U.S. government systems and senior government officials, including CIA Director John Brennan's personal AOL email account.
Those who embrace good cyber hygiene in their personal lives are likely to be more aware of information security on the job as well, says Steve Durbin of the Information Security Forum, who'll deliver a keynote address at Information Security Media Group's Fraud and Breach Prevention Summit in Toronto.
Internet of Things alert: Many embedded systems contain hardcoded cryptographic credentials that attackers could use to seize control of the devices or crack encrypted website traffic. And the problem is only getting worse, says security firm SEC Consult.
Cyber threat information sharing in the healthcare sector urgently needs to be standardized so organizations can take appropriate action based on the intelligence, says Jeffrey Vinson, CISO of Harris Health System, who discusses findings emerging from ongoing federally funded research.
A lawsuit filed by St. Jude Medical claims that a recent report alleging dangerous cybersecurity vulnerabilities in its implantable cardiac devices was financially motivated and contained false statements and "market-bombshell scare tactics."
As the Office of Personnel Management purged a hacker, another intruder who secretly infiltrated the system stole 20.5 million records containing personal information of government workers and contractors, a new GOP report says. Democrats dispute many of the report's key findings about security shortcomings.
The breach of porn site Brazzers - which allows users to swap fantasies in online forums - begs the question of how many users employed throwaway usernames and passwords. Some 1,446 U.S. military and 41 U.S. government email addresses were found in the data dump.
If Russia is, indeed, meddling with the U.S. election, there's an obvious explanation: It's irritated by U.S. policy. But if Russia's frustration is being expressed through cyberattacks, how can the U.S. respond?
The National Institute of Standards and Technology is moving ahead with an initiative to create standards for cryptographic algorithms for small computing devices, such as those found in automobiles, control systems, smart grids and the Internet of Things.
A former administrative worker at a Florida pediatric practice has been indicted in federal court along with two others for alleged identity theft and fraud crimes involving stolen patient information. But why didn't prosecutors file HIPAA-related criminal charges?
Everybody talks about threat intelligence today, but how well are they distinguishing raw data from actionable intelligence? Stephen Gates of NSFOCUS discusses cybersecurity and the new threat intelligence ecosystem.
The ISMG Security Report leads with a report on Federal CIO Tony Scott partly blaming the way Congress funds agencies for the 2015 breach of computers at the Office of Management and Budget that exposed 21.5 million records.
Tens of thousands of Cisco Adaptive Security Appliance devices remain vulnerable to a zero-day exploit released last month as part of the Equation Group toolset dump by Shadow Brokers, according to scans conducted by security firm Rapid7.