Following the alert over Meltdown and Spectre vulnerabilities, the U.K. Information Commissioner's Office is warning that failures to patch today could be punished with fines under GDPR once enforcement of the data protection law begins later this year.
A 28-year-old Ohio man has been accused of running a 13-year spying scheme that used malware to steal millions of photos, live images and other data from computers. He is accused of developing and using Fruitfly, a malware application for Apple Macs and Windows.
Mobile phone retailer Carphone Warehouse has been hit with one of the largest fines ever imposed by Britain's data privacy watchdog after an attacker breached its outdated WordPress installation, exposing 3 million customers' and 1,000 employees' personal details.
Fixes for the Meltdown and Spectre vulnerabilities are leading to decreased processor performance, triggering cloud service and data center slowdowns. All Windows servers - plus older PCs - as well as Linux servers appear to be experiencing noticeable slowdowns.
FBI Director Christopher Wray says the agency was unable to access nearly 7,800 devices in fiscal 2017 because of encryption, which he alleges will pose ever-increasing complications for law enforcement. The FBI doesn't want a backdoor, he says, but rather a "responsible" solution to allow lawful access.
While a draft "trusted exchange framework" unveiled last week by federal regulators includes proposed components that could raise the bar for the security of health data exchange, some experts caution that elements included in the final document should not be overly prescriptive.
Patch or perish to protect against Meltdown and Spectre attacks, and prepare to keep patching as Intel, AMD and ARM, as well as makers of devices running Apple, Google and Windows operating systems, including Apple iOS and Android smartphones and tablets, continue to refine their fixes.
Microsoft has paused issuing security updates to some Windows PCs with AMD chipsets after at least one update - meant to add some Meltdown and Spectre mitigations - has left some systems unbootable. Microsoft blamed the problem on AMD failing to properly document its firmware.
One of the most alarming breaches of 2015, involving Hong Kong toymaker VTech, has resulted in a $650,000 settlement with the U.S. Federal Trade Commission. It's a warning that internet of things security shortcomings - especially involving children's personal data - will have business consequences.
Dave DeWalt, former CEO of McAfee and FireEye, identifies the next generation of cybersecurity threats in the latest edition of the ISMG Security Report. Also featured: an analysis of the recent news of the Meltdown and Spectre microprocessor flaws and the POS malware attack on retailer Forever 21.
It's been nearly one year since Dave DeWalt walked away from FireEye, where he served as CEO. The veteran security leader has a new role and some candid insights on the state of enterprise cybersecurity defenses.
Under what circumstances must a U.S. healthcare provider comply with the European Union's General Data Protection Regulation, which will be enforced beginning in May? In an in-depth interview, regulatory attorney Stephen Wu explains the conditions under which compliance is required.
Federal regulators have clarified that the use of texting to place orders, such as for medications or tests, on any platform - secure or not - is not allowed when treating Medicare and Medicaid patients. Security experts weigh in on key issues to consider when using texting for other purposes.
Personal details for 30,000 Medicaid recipients in Florida may have been exposed after a government employee fell victim to a phishing attack, state officials warn. The information could potentially be used to file false Medicaid claims.
Security teams are scrambling to put in place fixes for the Meltdown and Spectre flaws. But Windows users report that Microsoft's security fix for the flaws has been freezing some PCs built with CPUs from chipmaker AMD. Here are workarounds.