Internet of things security takeaway: Save yourself, and by doing so, maybe help save the rest of us too. That's the obvious takeaway from the rise of low-tech, high-impact Mirai malware, which has been tied to the record-setting Oct. 21 DDoS attack against Dyn.
Apple's security defenses have improved dramatically in recent years, but poorly written drivers in third-party applications could provide key access to critical parts of macOS.
Federal regulators are reminding for-profit companies that if they collect and share consumers' health information, they not only need to comply with HIPAA security and privacy regulations, but also the Federal Trade Commission Act. Is their new guidance too narrow?
Chinese manufacturer Xiongmai has promised to replace or patch some IoT components that attackers are using to build massive internet of things Mirai botnets to wage DDoS attacks, such as the Oct. 21 disruption of DNS provider Dyn. But security experts question whether these moves will blunt future IoT attacks.
Federal regulators will be kicking off remote HIPAA compliance "desk audits" of business associates next month and more comprehensive onsite audits of both covered entities and BAs early next year. Learn more about what's next for the audit program.
Changes in NIST's upcoming revision of its security and privacy controls guidance acknowledge the view that security and privacy are concerns for all sectors, not just the federal government.
There are two Yahoo conspiracy theories: It was hacked by a "state-sponsored actor," and it disabled email forwarding to prevent a post-breach exodus. Although neither scenario appears to be true, that doesn't mean the badly breached search giant is in the clear.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
Widespread website outages beginning early Oct. 21 are suspected to have been caused by a massive distributed denial-of-service attack against DNS service provider Dyn. Numerous sites, including Amazon and Twitter, were sporadically unavailable.
Some 3.2 million Indian debit cards may have been compromised, according to the National Payments Council of India. While investigations are ongoing and several banks have reissued at-risk cards, the source of the card exposure has not been officially confirmed.
Former NSA contractor Harold T. Martin III., who is accused of pilfering mass quantities of highly classified information, will remain in jail until his trial. Martin engaged in "a course of felonious conduct that is breathtaking in its longevity and scale," prosecutors say.
Despite high-profile leaks and the attention given to the insider threat, many organizations still fail to even see that they have an insider threat problem. Ajit Sancheti, CEO of Preempt, discusses what's needed to improve insider threat detection.
Investment firm Muddy Waters Capital and security research start-up MedSec Holdings are again stirring up controversy, this time by releasing a video spotlighting more alleged cybersecurity flaws in St. Jude Medical cardiac devices.
Yahoo, now negotiating its sale to Verizon, has posted an increase in quarterly profits and page views, bolstering its case that its massive data breach didn't irrevocably damage its value. But with ad revenues in decline, time is running out.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.