Warning: Too many voice over IP devices being used in enterprise environments have well-known default passwords or no security at all, thus leaving organizations at risk from covert surveillance and toll-fraud scammers, experts say.
The U.S. and U.K. government push to "backdoor" strong crypto - used to secure everything from online banking and e-commerce to patient health records and consumer communications - wouldn't stop most criminals or terrorists, researchers warn.
Federal regulators have issued new guidance to clarify scenarios where HIPAA privacy and security regulation might apply, including for mobile health applications and electronic data exchange. Why are some organizations still so confused?
U.K. police have arrested a teenager on suspicion of having perpetrated a series of high-profile hacks and pranks against senior U.S. officials, including the director of the CIA, plus the recent release of nearly 30,000 DHS and FBI employees' contact details.
How will federal banking regulators respond to growing criticism of the FFIEC's Cybersecurity Assessment Tool? A new FDIC publication leads some experts to believe no new guidance is forthcoming. Here's why.
Several recent health data security incidents - including two at a Florida hospital and another at a Washington state Medicaid agency - illustrate the challenges healthcare organizations face in detecting and preventing insider breaches.
Over a three-month period in 2015, a single cybercrime gang managed to earn at least $330,000 in bitcoins thanks to an estimated 670 victims paying attackers to decrypt ransomware-infected systems. Should police be doing more to stop these attacks?
While 2015 will be remembered as the year of major hacker attacks in the healthcare sector, most of the health data breaches added so far this year to the official federal tally have involved blunders by insiders. That's why infosec pros need to focus on more than just mitigating hacker threats.
President Obama is creating a federal CISO post as part of a multifaceted initiative aimed at strengthening the nation's IT security. His plan includes forming a public-private Commission on Enhancing National Cybersecurity and boosting government cybersecurity spending by 35 percent.
The U.S. government is probing an apparent cybersecurity lapse that allowed a hacker to obtain and release contact information for more than 20,000 FBI employees and 9,000 other Department of Homeland Security employees.
The banking malware known as Carbanak continues to evolve, and cybercriminals are now using it to wage APT-style attacks against banks as well as companies in other sectors, according to security researchers at Kaspersky Lab.
Have Russian authorities collared the cybercrime gang responsible for the notorious Dyre malware? Related attacks ceased after authorities raided a Moscow-based production company developing a movie called "Botnet," Reuters reports.
Who is responsible for fraud losses resulting from business email compromise? Texas-based AFGlobal Corp. is suing its insurance firm to settle this question. Experts weigh in on the lawsuit and why cyber insurance rarely covers losses from these scams.
The rise in RFID-based contactless payment cards has led to increased concerns that fraudsters could wirelessly crack cards' secret cryptographic keys. But a team of MIT researchers has debuted defenses against such hack attacks.