Two government agencies have issued alerts about cyber vulnerabilities in certain cardiac devices from St. Jude Medical, which were at the center of a controversial report by an investment firm last year. The device maker, recently acquired by Abbott Laboratories, has issued software updates to address the problems.
In a reminder of HIPAA's tough requirements for breach notification, federal regulators have issued a $475,000 financial settlement and corrective action plan for Chicago-based Presence Health tied to its tardy notification for a 2013 paper records breach affecting only about 800 individuals.
President-elect Donald Trump reportedly now accepts the U.S. intelligence community's assessment that Russia attempted to meddle in U.S. elections and may take action in response once he takes power, an aide says.
The English-language broadcaster RT, which has been closely linked to the Kremlin, is part of an ongoing Russian operation designed to sow distrust in democratic institutions, according to U.S intelligence agencies. Our collective poor cybersecurity practices only make its mission easier.
A new report from a bipartisan Congressional workgroup examining the benefits and challenges of the internet of things spotlights cybersecurity and privacy as top concerns. But will the new Congress take any action on these issues?
In an unclassified version of a top-secret report, the U.S. intelligence community says that Russian President Vladimir Putin ordered an influence campaign aimed at undermining public faith in America's democratic process and preventing Hillary Clinton from being elected president.
The KillDisk disk-wiping malware, previously tied to espionage operations, has been updated with crypto-locking capabilities and now targets Linux as well as Windows systems. But security experts warn that attackers using the Linux variant have no way to furnish a decryption key.
The latest episode of the ISMG Security Report focuses on the clash between President-elect Donald Trump and the U.S. intelligence community on whether the Russian government directed the hack of Democratic Party computers to influence the American presidential election.
To deal with the risks posed by the explosive growth of the internet of things, CISOs and CIOs must expand the scope of their security efforts, says Ganesh Ramamoorthy, vice president of research at Gartner.
Hackers will hack, but any attempt to attribute attacks back to an individual, group or state apparatus too often involves political agendas, cybersecurity marketing moves, attempts to deflect blame or outright errors of interpretation.
Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
A task force led by two lawmakers and a former U.S. CIO recommends the new administration should jettison outdated ways the federal government tackles cybersecurity, saying in a just-issued report: "Once-powerful ideas have been transformed into clichés."
For the second year in a row, the vast majority of health data breach victims were affected by hacker attacks in 2016, and the trend shows no signs of abating. Experts offer forecasts for breach trends in the year ahead.
The lack of a smoking gun - absolute certainty - has some security experts not entirely convinced that the Russians or their backers hacked Democratic Party computers in an attempt to sway the U.S. presidential election.
A U.K. Information Commissioner's report on its investigation into a 2015 TalkTalk breach offers essential information security takeaways for any organization that wants to avoid being breached, says David Stubley of 7 Elements.