Prosecutors have expanded a complex case, involving an alleged pump-and-dump stock scheme, hacking into U.S. banks and operating an unlicensed bitcoin exchange, to include money-laundering charges related to processing bitcoin ransoms paid by ransomware victims.
Now, more than ever, managing the risks involved in working with business associates and their subcontractors should be a top priority for healthcare organizations in their efforts to safeguard patient information, says risk management expert Andrew Hicks, who explains why.
Visa's new plan to help merchants speed checkout times for EMV chip payments sounds good, in theory. But in reality, it isn't likely to have much immediate impact on either speeding EMV adoption or enhancing the user experience.
A previously unknown cybercrime group has hacked into numerous organizations in the retail and hospitality sectors to steal an estimated 20 million payment cards, collectively worth an estimated $400 million via underground cybercrime forum sales, FireEye reports.
For the second time in two years, federal regulators have slapped New York Presbyterian Hospital with a multi-million dollar penalty as part of a HIPAA settlement. The latest incident involved filming of patients without their permission.
Two of the hacker masterminds behind the notorious SpyEye malware have each received lengthy prison sentences after pleading guilty to related charges in U.S. federal court. But alleged Zeus creator and accomplice Evginy Bogachev remains at large.
Epic Systems' successful lawsuit against India's Tata Consultancy Services raises many security questions. For example, why did Epic find out about the allegedly inappropriate downloading of trade secrets from an external whistleblower, rather than as a result of internal detection efforts?
A North Carolina orthopedic clinic will pay a $750,000 penalty as part of a breach-related federal settlement involving the release of 17,300 X-ray films containing patient information to a vendor without having a business associate agreement in place, as required under HIPAA.
"Internet of Things" developers must think about how attackers might attempt to exploit a device, and why, and then write code designed to block such attacks, says Charles Henderson, IBM's global head of security testing and threats.
What could be worse than a ransomware infection? How about getting infected by "torture ransomware" that uses a sadistic puppet to taunt you, slowly deleting your encrypted files while increasing the ransom demand until you pay?
Does a federal appellate court's decision allowing a breach-related class-action lawsuit against restaurant chain P.F Chang's to move forward - and a similar, earlier decision in a case against Neiman Marcus - signal a change in tide for post-breach lawsuits? Legal experts offer widely varying opinions.
A former pharmaceutical company manager faces sentencing in July after pleading guilty to criminal HIPAA violations for his part in a complex fraud scheme involving drug maker Warner Chilcott. Why are criminal HIPAA cases so rare?
Only 23 percent of surveyed organizations can respond effectively to a cybersecurity incident. This is among the findings of Solutionary's fourth annual Global Threat Intelligence Report. Researcher Rob Kraus discusses the security gaps.
A jury's decision to award $940 million in damages to electronic health records software vendor Epic Systems, which had sued India's Tata Consultancy Services alleging theft of trade secrets, serves up lessons about the importance of restricting access to all sensitive data, including intellectual property.