As CEO of ForeScout Technologies, which focuses on continuous monitoring of networks, T. Kent Elliott says he has to anticipate the next generation of vulnerabilities. So what's the most significant emerging risk? The Internet of Things.
What are the most common mechanisms used in the "Exploit" phase? Many attacks simply take advantage of known vulnerabilities or network weaknesses that have not been addressed, in which case the adversaries have no need to create custom malware. When they are employed, "zero-day" attacks are often very difficult to...
It's been a year since the Target breach called attention to the need to ramp up cybersecurity at U.S. retailers. Here's a look at seven important lessons learned since then.
WordPress says users of versions 3.9.2 and earlier of its website content management software need to patch a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
Troy Leach of the PCI Security Standards Council says log monitoring is an effective data breach detection tool that, unfortunately, not enough merchants put to use. He explains how upcoming PCI guidance could help with implementation.
As part of their breach response strategies, organizations need to establish clear guidelines in advance so they know when it's appropriate to offer victims free credit monitoring or ID theft protection services.
The California Supreme Court has declined to hear appeals in two healthcare data breach lawsuits in which there was no clear proof medical data was actually inappropriately viewed.
An audit last year determined that the Food and Drug Administration had security vulnerabilities on its computer network, but the agency says it has remediated the issues.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Yet another California healthcare breach-related lawsuit - this one involving Alere Home Monitoring - has been dismissed because of the lack of proof that anyone actually viewed data stored on an unencrypted computer device that was stolen.
Prompted by Heartbleed and other vulnerabilities, the White House is giving the Department of Homeland Security authority to conduct regular and proactive scans of federal civilian agency networks.
This infographic hightlights a specific example of attackers targeting a feature within Microsoft Word - Visual Basic Scripting for Applications. While basic, the Office Macro attack vector is obviously still working quite effectively. When the victim opens the Word document, an On-Open macro fires, which results in...
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
Goodwill Industries International says in an update about a breach affecting about 330 of its stores that approximately 868,000 payment cards were exposed. It also identifies the malware used to compromise a third-party vendor's systems.
The FBI and Apple are investigating the release of hundreds of celebrities' nude photographs and videos, which security researchers suspect is tied to compromises of iCloud, Dropbox or other cloud service accounts.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.