A medical practice's misconfigured database server that allegedly exposed information about thousands of patients plus staff serves as another reminder about the importance of safeguarding sensitive data from exposure on the internet.
Two out of three organizations say that finding qualified cybersecurity professionals is a struggle, a new study shows. And 80 percent of respondents do not feel adequately prepared to defend their organizations. Kathie Miley of Cybrary and Wade Baker of Cyentia Institute discuss how to bridge the cyber skills gap.
Evidence continues to mount that Russian intelligence created the "Guccifer 2.0" hacker online persona as a "plausible deniability" cover for dumping information stolen from the U.S. Democratic National Committee, among other targets, says cybersecurity expert Alan Woodward.
Despite the White House's request for deep budget cuts, Congress passed and President Trump signed into law last week flat funding for the current fiscal year for the two federal agencies responsible for health information privacy and security issues, including HIPAA enforcement.
Facebook is facing a new controversy after some users say they've found records of phone calls and text messages in their personal files, but claim they never granted the social networking site permission to collect the data.
The U.K. government concurs with allegations contained in a U.S. Department of Justice indictment, which charges nine Iranians, plus the Mabna Institute, with perpetrating a five-year hacking campaign designed to steal scientific secrets for Iran's military and private industry.
Security experts analyze the potential impact of recently announced changes to the PCI Security Standards Council's Qualified Integrators and Resellers Program that are designed to help smaller merchants prevent breaches.
A class action lawsuit is seeking millions of dollars in damages for plaintiffs after yet another mailing-related health data breach involving sensitive HIV-related information allegedly visible through envelope windows.
The notorious "lone hacker" known as "Guccifer 2.0," who claimed credit for breaching the Democratic National Committee and dumping stolen emails, failed to activate a VPN client at least once, revealing an IP address at the headquarters of Russia's GRU military intelligence agency, the Daily Beast reports.
The U.S. Department of Justice has announced the indictment of nine Iranians alleged to have penetrated systems belonging to hundreds of U.S. and foreign universities, government entities and private companies to steal more than 31 terabytes of documents and data.
Ransomware has struck the city of Atlanta and frozen internal and customer-facing applications, hampering residents from paying bills or accessing court information. But the city says it has working backups and expects to pay employees on time.
As the Cambridge Analytica scandal continues to unfold, Congress seeks answers from Facebook, calling on CEO Mark Zuckerberg to testify. Also in the latest edition of the ISMG Security Report: Is it possible to build a secure digital wallet for storing cryptocurrency?
Recent financial reports from three healthcare sector organizations that suffered cyberattacks demonstrate how costly data breaches can be for not-for-profit healthcare providers and for-profit companies alike.
States will not have the full range of much-needed cybersecurity practices and equipment in place for this year's U.S. midterm elections. But efforts underway might deliver many much-needed improvements in time for the 2020 elections, Homeland Security Secretary Kirstjen Nielsen tells a Senate committee.
Multivector distributed denial-of-service attacks are having a bigger impact than simple volumetric attacks, says Brian McCann, president of Netscout's security business unit, who analyzes the latest trends in an in-depth interview.