There is no such thing as "security by obscurity." Attackers can hack what they can't see. This means organizations must reimagine the fundamentals of API creation, says Jaime Ryan of CA Technologies.
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
An experimental investment fund based on the digital currency ether has been hacked, with about $55 million worth of the currency stolen, according to news reports.
After channeling horror films and holding control of smart TVs for ransom, the ransomware innovation du jour involves attackers crypto-locking files using JavaScript. But security experts say IT administrators can deploy some relatively easy defense measures.
Crisis management expert Emily Mossburg discusses a new Deloitte study that shows why many organizations must reassess their approach to breach response to focus on what really matters: keeping the organization functioning.
The FTC has extended the deadline for commissioners to make a ruling on whether to affirm or overturn an initial decision last year by an FTC administrative law judge to dismiss a data security case against cancer testing lab LabMD.
Adobe Flash security alert redux: All enterprises should immediately update - or delete - all instances of Flash Player, following reports that a zero-day flaw in the Web browser plug-in is being targeted by the new "ScarCruft" APT group.
Preparing for data breaches - to detect them quickly, respond appropriately and ascertain exactly what happened - can help make the difference between a security incident having major or minor repercussions, says CrowdStrike CEO George Kurtz.
The ISMG Security Report kicks off with thoughts on how Watergate - its 44th anniversary is today - would have turned out differently if today's technology existed in 1972. Also, you'll hear the backstory on the breach at Democratic Party headquarters revealed this past week.
A hacker nicknamed Guccifer 2.0 claims to be the lone attacker who breached the Democratic National Committee's systems. The claim contradicts Crowdstrike's conclusion that two Russian state-sponsored groups were involved.
As evolving virtual reality technologies are embraced by corporate environments, including healthcare entities, for training and other purposes, organizations need to carefully consider the privacy and security risks they pose, says attorney Steven Teppler.
Apple is building "differential privacy" into iOS 10 to try and block attempts to identify or track individual users based on their behavior, keyword searches or other activities. But will the functionality perform as advertised?
Days after booting hackers from its network, the Democratic National Committee allowed incident-response firm Crowdstrike to publicly detail its findings. That's a rare - albeit welcome - move for other potential targets.
Russian hackers reportedly accessed the Democratic National Committee's opposition research on presumptive Republican presidential nominee Donald Trump, along with detailed chats and emails.
My initial reaction to Microsoft's announcement that it plans to buy LinkedIn for $26.2 billion in cash: I guess its massive 2012 data breach - and the loss of virtually every user's credentials - didn't hobble the company's long-term prospects.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
