Humana is notifying individuals in multiple states that the company was a recent target of an "identity spoofing attack" that potentially compromised personal information of its members, including those participating in the health insurer's Go365 wellness programs.
Security experts warn that hackers could one day make use of machine learning and AI to make their attacks more effective. Thankfully, says Cybereason's Ross Rustici, that doesn't appear to have happened yet, although network-penetration attacks are getting more automated than ever.
Old technology never dies, but rather fades "very slowly" away, as evidenced by there being 21 million FTP servers still in use, says Rapid7's Tod Beardsley. Rapid7's scans of the internet have also revealed a worrying number of internet-exposed databases, memcached servers and poorly secured VoIP devices.
What are hot cybersecurity topics in Scotland? The "International Conference on Big Data in Cyber Security" in Edinburgh focused on everything from securing the internet of things the rise of CEO fraud to the origins of "cyber" and how to conduct digital forensic investigations on cloud servers.
Australian medical booking service HealthEngine says late Friday it notified 75 users of a breach that may have exposed some identifying information. The data breach is the latest in a string of problems for HealthEngine, which was caught tampering with patient reviews and using questionable marketing tactics.
An Equifax software engineer has settled an insider trading charge with the U.S. Securities and Exchange Commission after he allegedly earned $77,000 after he made a securities transaction based on his suspicion that the credit bureau had suffered a data breach.
Helping victims know their passwords have been exposed in a data breach is half the battle in the fight to improve password security. To help, Mozilla and 1Password are integrating into their products a feature from the popular "Have I Been Pwned" breach notification service.
Consumers are more concerned than ever about their identities being compromised, yet they're failing to connect the dots between fear and preventive measures, according to recent research conducted by IDology. John Dancu, the company's CEO, explains the implications for businesses.
To increase the effectiveness of security information and event management tools, while lowering the rate of false positives, organizations need to bring in more context about user behavior, says Derek Lin of Exabeam.
Leading the latest edition of the ISMG Security Report: A preview of next week's Fraud and Breach Summit in Chicago, which will feature keynoter Brett Johnson, a former cybercriminal who now advises organizations on fighting crime.
A health system's decision to reportedly suspend about a dozen employees for apparently snooping at health records related to the tragic death of a co-worker spotlights the many challenges involved with preventing and detecting insider breaches.