President Donald Trump's nominee to head the National Security Agency and U.S. Cyber Command, Lt. Gen. Paul Nakasone, faces two Senate committee hearings as part of his nomination process. He'll face questions on cyber defense, privacy and combating information warfare.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
HHS continues to improve its information security program, but it needs to take steps to address a number of ongoing weaknesses, according to a new watchdog agency report. What are those glaring weaknesses, which are also, unfortunately, common at many healthcare organizations?
The Securities and Exchange Commission and the Department of Justice have both charged Jun Ying, a former CIO at data broker Equifax, with engaging in illegal insider trading after he determined that his employer had suffered a massive breach.
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
A set of vulnerabilities in AMD chipsets that gives attackers enduring persistence on machines appears to be legitimate. But experts are questioning the motivations of the Israeli security company that found the flaws, contending it ambushed AMD to maximize attention.
President Donald Trump has blocked a bid by Singapore's Broadcom to acquire U.S. chipmaker Qualcomm on the grounds that it could impact national security, including the United States' ability to help shape future mobile telephony standards.
A federal judge has largely rejected a motion by Verizon to dismiss a class-action lawsuit filed by victims of three data breaches that compromised Yahoo, which is now part of Verizon. The Yahoo breaches appeared to have compromised nearly every Yahoo user's personal details at least once.
While the director of the HHS Office for Civil Rights says HIPAA enforcement remains a top priority for the agency, obtaining enough resources to carry out its mission is an ongoing battle, says former OCR official Deven McGraw.
To the surprise of many, $120 million allocated by Congress since late 2016 to help the State Department combat foreign governments' U.S.-focused propaganda and disinformation campaigns hasn't been spent. Meanwhile, midterm U.S. elections are fast approaching.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
Kaspersky Lab says it has uncovered an elegantly written piece of malware that leverages a Latvian-designed router to launch stealthy attacks. The security firm hints that the malicious code could only have come from a well-resourced attacker, but it stops short of naming one.
Regulators are struggling to keep up with the proliferation of online trading schemes. Here's the story of an Australian woman who lost AU$63,000 on a platform called Millennium-FX. She is trying to recover her money, which ended up in an account controlled by a 30-year-old Russian man who lives in Cyprus.
Penetration testing can help find vulnerabilities that aren't typically identified by scanning and other monitoring. But the testing comes with some risks, Duke Health CISO Chuck Kelser and pen tester John Nye explain in a joint interview.
A zero-day flaw in Adobe Flash, recently patched, has been targeted by a group of attackers that may have ties to North Korea as part of an apparent attempt to hack into Turkish banks, security firm McAfee warns. It notes that there are signs that financial institutions in other countries are also being targeted.