Federal regulators have reached a $3 million HIPAA settlement in a case alleging that a medical imaging services provider delayed investigating and mitigating a breach involving patient information leaking onto the internet via a web server - and delayed notification of victims as well.
Despite a doxing of its targets and tools in March, the advanced persistent threat group known as OilRig remains a significant threat to governments and businesses, researchers at Palo Alto Network's Unit 42 report.
A Ukrainian national is facing wire fraud and other charges stemming from his alleged involvement in a years-long malvertising scheme that infected millions of PCs around the world. Authorities allege that he created a botnet that other cybercriminals could rent out.
With cyberattacks, online espionage and data breaches happening at a seemingly nonstop pace, Western intelligence agencies are bringing many of their capabilities out of the shadows to help businesses and individuals better safeguard themselves and respond. We need all the help we can get.
In what may be a case of industrial espionage, Massachusetts-based drug development company Charles River Laboratories has reported a cyberattack involving the copying of client data by an intruder. Why is IP theft a growing worry for the healthcare sector?
President Donald Trump on Thursday signed an executive order that offers a mix of incentives and new guidelines aimed at hiring and retaining more security pros to work within the federal government. The order creates a President's Cup Cybersecurity Competition as a way to reward top professionals.
New exploits released online that target long-known configuration weaknesses in SAP's NetWeaver platform could pose risks to payroll, invoicing and manufacturing processes, according to researchers at Onapsis. As many as 50,000 companies could be vulnerable.
Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions.
The latest edition of the ISMG Security Report describes a discussion among "Five Eyes" intelligence agencies at the recent CyberUK conference. Plus, an update on a Huawei 'backdoor' allegation and new research on managing third-party risk.
Federal regulators and medical device maker Philips have issued alerts about a security vulnerability in the company's Tasy electronic medical records system that could put patient data at risk. How common is this type of vulnerability?
WikiLeaks founder Julian Assange returned to court on Thursday and told a British judge that he would not voluntarily accept extradition to the U.S. to face a charge of helping to hack into a Pentagon computer, setting up a legal fight that could take months.
The U.S. Department of Homeland Security is requiring that federal agencies speed up patching and remediating "critical" and "high" software vulnerabilities. Security experts say this change is long overdue. But does it go far enough?
An Australian security researcher who pleaded guilty to several charges related to probing the network of popular car-sharing service GoGet has avoided jail time. Nik Cubrilovic was sentenced to 400 hours of community service and must pay restitution to GoGet.
The 2018 cybersecurity landscape ushered in a blend of old and new threats, some of them game-changing, according to Trend Micro's Annual Security Roundup. Trend's Greg Young shares insight from this report.