Over the last six months, the University of Vermont Medical Center has seen a spike in phishing attempts, including those laced with malware in an attempt to steal credentials, says CISO Heather Roszkowski, who describes her defensive efforts.
Islamic State sympathizers are exploiting a vulnerability in a WorldPress Content Management System plug-in to deface the websites of news outlets, businesses, religious groups and governments in the U.S. and abroad, the FBI says.
White Lodging Services Corp. has revealed a malware attack against point-of-sale systems at 10 of the hotels it manages, potentially exposing payment card data. The disclosure comes about a year after it confirmed a similar malware-related breach.
The Healthcare Information and Management Systems Society 2015 Conference in Chicago offers many new opportunities to learn about health data privacy and security issues, including the debut of a Cybersecurity Command Center.
A breach of the White House IT system last October, believed to be by Russian hackers, exposed sensitive details about White House operations, such as the president's schedule, CNN reports.
Some merchants want to postpone the EMV-related fraud liability shift, which major card brands have slated for October. But Randy Vanderhoof of the EMV Migration Forum sees "no reason to move the date."
New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
The Target breach was the hot topic for many RSA 2014 attendees, but Gartner's Avivah Litan was already talking about the next Target - a UK retailer that may have suffered a similar hack, exposing payment card data.
The Trojan "Laziok" targets energy firms throughout the Middle East, India, the U.S. and the U.K., warn security researchers at Symantec. The malware attempts to exploit a Microsoft Office bug patched in 2012.
Nine individuals have pleaded guilty to charges stemming from their roles in an identity fraud scheme. Among the defendants is a former military hospital worker who stole soldiers' personal information to file false federal tax returns, prosecutors say.
Businesses targeted by ransomware attacks are increasingly willing to negotiate with - and even pay - their extortionists. But negotiating with cyberthieves is never a good idea.
The U.S. Department of Justice has charged two former federal agents with money laundering and wire fraud based on allegations that they attempted to profit from the investigation into the underground narcotics marketplace known as "Silk Road."
Experts debate the value of new PCI guidance for how businesses should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. Does the new advice go far enough?
To help take down global "carding" rings, the U.S. Justice Department wants to expand current law so it can prosecute those who commit fraud anywhere in the world that involves U.S. payment card data.
The proposed rules for Stage 3 of the HITECH Act "meaningful use" electronic health record incentive program come up short on privacy and security. But regulators have time to fix that.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.