Timely incident response is more critical than ever, but a decentralized workforce may affect responsiveness. Scott King of Rapid7 discusses how to address the challenges.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
Connected devices for consumers don't come with service-level agreements agreements. The travails of Petnet, the maker of an automatic, cloud-enabled pet feeder that has now gone offline offer a tale of caution that points to the need for stronger consumer protection for cloud-enabled devices.
The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
Attorney Sadia Mirza, offers an update on the July 1 California Consumer Privacy Act enforcement and what security and privacy professionals should expect over the next few months.
The number of companies and individuals affected by an April ransomware attack on managed care provider Magellan Health continues to grow. This illustrates the risks faced by interconnected organizations in the healthcare sector.
A preliminary settlement in a class action data breach lawsuit against Iowa Health System - which does business as UnityPoint Health - contains an unusual provision that could prove quite costly.
Canadian information privacy regulators have ordered medical testing laboratory LifeLabs to improve its data security practices following their investigation of a 2019 breach that exposed the health data of 15 million individuals.
Why are some breach notifications delayed for months? This week, a company that operates senior care facilities in North Carolina and South Carolina issued a statement offering a step-by-step explanation.
Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We are addressing problems too far downstream," he says.
Many ransomware gangs hell-bent on seeing a criminal payday have now added data exfiltration to their shakedown arsenal. Gangs' extortion play: Pay us, or we'll dump stolen data. One massive takeaway is that increasingly, ransomware outbreaks also are data breaches, thus triggering breach notification rules.
The recent leak of 269 GB of sensitive data from more than 200 police departments and the FBI could be a sign that law enforcement agencies are becoming a prime target for hackers, given recent civil unrest.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.