A draft bill circulating in Congress to create national requirements for data breach notification could be the vehicle used to win support for a compromise from lawmakers supporting the divergent interests of the business community and privacy advocates.
Google has warned Google Apps administrators that their private Whois contact information has been exposed. The leak affects more than 282,000 administrators, and places them at greater risk of ID theft and spam attacks, according to Cisco.
As the next wave of medical school graduates begins clinical training at healthcare organization across the U.S., it's critical these new clinicians be prepared to protect patient privacy, says healthcare attorney and professor Julie Agris.
Mattel will sell a cloud-connected $75 "Hello Barbie" doll that can "listen" to what kids are saying and talk back. But security experts warn that anything that connects to the Internet can - and will - be hacked.
Although breaches affecting U.S. retailers are widely reported, Verizon's new PCI Compliance Report shows increases in the theft of payment card data and other personal information span numerous industries in all international markets.
Both Microsoft and Apple this week released patches to address the so-called "Freak" flaw in SSL/TLS. Microsoft also released a fix that addresses a failed 2010 patch for a vulnerability that was exploited by the Stuxnet malware.
A former customer service representative at Blue Cross Blue Shield of Michigan is among 11 individuals recently arrested in connection with an alleged identity theft scheme that resulted in hundreds of thousands of dollars in credit fraud.
West Virginia United Health System is taking a multi-step approach to thwarting insider threats, including aggressive analysis of access audits, says assistant CIO Mark Combs, who helps lead the system's privacy and security efforts.
"Align technology with businesses" is an old phrase. But information security is now part of this change, making strides to align with growth as a business enabler. Enter: the converged technology operations center.
The latest annual Office of Management and Budget report to Congress on agencies' FISMA compliance shows IT security is complex and tough to effectively implement, with authentication, in particular, a challenge.
The U.S. Justice Department has charged three men - two are in custody - for hacks against email service providers - including Epsilon - that allegedly resulted in the theft of 1 billion email addresses, many later used in massive spam campaigns.
British police over the course of this week launched 25 cybercrime-targeting raids and made 57 arrests, including suspects who have been tied to a U.S. Defense Department network intrusion, Lizard Squad attacks, as well as a massive Yahoo breach.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Weaponized roller coasters? Kidnappers hacking babycams? Forget over-the-top "CSI: Cyber" hacking plots. The hackers behind the Rogers ISP breach, in their quest for bitcoins, claim they wielded nothing more serious than a telephone call.
The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.