Hundreds of millions of PCs are at risk of being remotely exploited, after a security researcher released proof-of-concept exploit code for separate, newly discovered flaws in software preinstalled on systems by Dell, Lenovo and Toshiba.
President Obama's remarks urging "high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice" are being interpreted by some to mean that government and Silicon Valley should collaborate to create a backdoor to circumvent encryption on devices used by terrorists.
Following the shootings in San Bernardino, Calif., which left 14 people dead, President Obama used an Oval Office address to call on technology firms to help law enforcement agencies better monitor "the flow of extremist ideology."
In the year ahead, federal regulators need to ramp up their efforts to enforce HIPAA compliance among business associates because so many lack mature security controls, argues security expert Mac McMillan of the consultancy CynergisTek.
Dorkbot - one of the world's most prevalent crimeware toolkits - has been disrupted by an international law enforcement and security research firm effort. But similar previous disruptions have failed to eradicate the malware.
A huge part of fraud prevention is being able to detect anomalous behavior on your network. But to do so, you need to know what normal behavior looks like. Usman Choudhary of ThreatTrack discusses how to create that network baseline.
The experience of a dozen health plans that participated in a cyberattack drill spotlights the need for a well-thought-out incident response plan, says John Gelinne of Deloitte Advisory Cyber Risk Services.
Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
In yet another HIPAA enforcement action by a state attorney general, the New York AG has fined the University of Rochester Medical Center after a nurse practitioner gave patients' information to her future employer without getting the patients' permission.
Top American and Chinese government officials, meeting this week in Washington, agreed to create a common understanding on cyberthreats and how to respond to them, but the two sides offered different characterizations of the tone of the dialogue.
Despite the frequency of healthcare data breaches, only half of U.S. hospitals have the infrastructure to support two-factor authentication, according to a new report. Plus, some information security leaders say implementation of the technology at many of those facilities is likely relatively narrow.
The breach of Hong Kong toymaker VTech highlights security experts' growing concern over manufacturers selling devices - for enterprises, medical purposes, schools as well as homes and now toy boxes - that don't appear to be secure by design.
Consultant, venture capitalist, retired chairman of RSA. Art Coviello plays many roles, and through them he has a unique view on how the information security marketplace is taking shape for 2016. Who does he see as the winners and losers?
The Chinese government concedes the attack on U.S. Office of Personnel Management computers emanated from China, but it contends the culprits were criminals, not individuals working for the Chinese government or military. Some experts in the United States aren't buying the Chinese government's explanation.