WordPress says users of versions 3.9.2 and earlier of its website content management software need to patch a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
Troy Leach of the PCI Security Standards Council says log monitoring is an effective data breach detection tool that, unfortunately, not enough merchants put to use. He explains how upcoming PCI guidance could help with implementation.
Sen. Ron Johnson, R-Wis., the presumptive chairman of the Senate committee with government IT security oversight, hasn't immersed himself heavily in cybersecurity issues during his 4-year Senate tenure.
As part of their breach response strategies, organizations need to establish clear guidelines in advance so they know when it's appropriate to offer victims free credit monitoring or ID theft protection services.
The California Supreme Court has declined to hear appeals in two healthcare data breach lawsuits in which there was no clear proof medical data was actually inappropriately viewed.
An audit last year determined that the Food and Drug Administration had security vulnerabilities on its computer network, but the agency says it has remediated the issues.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Yet another California healthcare breach-related lawsuit - this one involving Alere Home Monitoring - has been dismissed because of the lack of proof that anyone actually viewed data stored on an unencrypted computer device that was stolen.
Prompted by Heartbleed and other vulnerabilities, the White House is giving the Department of Homeland Security authority to conduct regular and proactive scans of federal civilian agency networks.
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
Goodwill Industries International says in an update about a breach affecting about 330 of its stores that approximately 868,000 payment cards were exposed. It also identifies the malware used to compromise a third-party vendor's systems.
The FBI and Apple are investigating the release of hundreds of celebrities' nude photographs and videos, which security researchers suspect is tied to compromises of iCloud, Dropbox or other cloud service accounts.
You need to combine IT security knowledge with business acumen if you want to find yourself among the ranks of chief information officers and other high-level positions. Here's how privacy can help.
Patients and healthcare providers need to recognize that Web-enabled mobile health devices that fall under the umbrella of the "Internet of Things" potentially can put personal information at risk, says Intel Security executive Greg Brown.