Organizations that discover they're victims of business email compromise exploits should immediately contact law enforcement officials to report the attacks to improve the odds of finding the perpetrators, says Assistant U.S. Attorney Camelia Lopez in this video interview.
You made this mess, now you'll clean it up. That's the security message of the Federal Trade Commission's settlement with Oracle over its failure to update or eliminate older, insecure - and actively targeted - versions of Java.
A federal audit of three California Medi-Cal (Medicaid) managed care organizations found dozens of "high risk" security control vulnerabilities. But security experts say the problems identified, unfortunately, are common throughout the healthcare sector.
Business email compromise attacks are becoming more sophisticated and pervasive, and smaller businesses in English-speaking countries are proving to be the most common targets, says PhishLabs' Joseph Opacki, who calls on banks to show customers examples of the schemes.
Politicians arguing in favor of fighting terrorism by creating backdoor access to encrypted communication are overlooking five key factors that make such an approach undesirable and unfeasible.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
The moment a successful defense is deployed, attackers find new ways to break into networks. In this video interview, Dr. Dale Meyerrose describes the damage wreaked by APTs and the strategies organizations can use to keep attackers at bay.
To avoid having their organizations exploited by teenage hackers, boards of directors worldwide need to get serious about security. Here are five lessons to be learned from the latest TalkTalk data breach.
In this video interview, Mike Weber of Coalfire Labs discusses ways that healthcare organizations can develop strategies for easily sharing patient data among clinical professionals using a variety of devices while protecting that data from attackers.
To improve patient safety, healthcare organizations should more closely scrutinize the cybersecurity of medical devices during the procurement process, says security expert Beau Woods.
The insider threat is one that organizations often want to overlook. But it's hard to ignore when they are losing critical assets. Lockheed Martin's Douglas Thomas tells how to sell an insider threat program.
Security experts trace many of the world's cybercrime attacks to Russia. But Russian authorities never extradite suspects, and they allow hackers to operate with impunity - if they play by some ground rules.
If the Chinese government hacked the U.S. Office of Personnel Management for espionage purposes, then the U.S. government's $133 million contract to provide ID theft monitoring services is a waste of money. Instead, the agency could have used the funds to safeguard its systems against future attacks.
If there's one thing federal regulators want to drill into the heads of covered entities and business associates about data breach prevention, it's this: Stop procrastinating, and conduct a risk analysis and encrypt most of your computing devices right away.
The U.S. Office of Personnel Management promises that it will soon notify 21.5 million individuals that their background-check information was breached. Meanwhile, the government has lined up notification and response services for future needs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.