Lenovo says it is working to remotely delete Superfish adware that it preinstalled on many laptops for consumers. But US-CERT warns that many products use the Komodia root certificate that is triggering security warnings.
Texas has dropped a lawsuit that it filed last year against Xerox related to a dispute over access to Medicaid records containing PHI. Nevertheless, the case remains as one of the largest health data breaches listed on the federal tally.
As new cyberthreats emerge, medical device maker Philips Healthcare is implementing a four-prong strategy for ensuring the cybersecurity of its products. Michael McNeil, global product security and services officer, outlines the steps.
Manufacturers of PCs and mobile devices must end the practice of preloading "bloatware." Lenovo's experience with offering "free" adware shows the hidden security and performance tradeoffs buyers must endure.
A former Texas hospital worker has received a prison term for violating HIPAA, one of the toughest penalties yet for such a crime. Learn why some legal experts say more criminal prosecutions for HIPAA violations are likely.
A British/American intelligence team hacked Gemalto - the world's largest SIM manufacturer - and stole encryption keys that can be used to intercept and eavesdrop on cellular communication, according to a news report citing leaked documents.
Lenovo - the world's largest PC manufacturer - says it will cease pre-installing Superfish adware on its devices and help customers delete the software and its risky digital certificate. But will all affected users get the message?
Under Jeremy Grant's stewardship, the National Strategy for Trusted Identities in Cyberspace has awarded some $30 million in grants to organizations to develop and test new, secure and easily employed ways for consumers to conduct transactions online.
Information sharing and analysis organizations being formed under President Obama's new executive order must avoid becoming silos that only share cyberthreat intelligence "within their own walls," warns Deborah Kobza, executive director of NH-ISAC.
Some security experts contend that users of numerous types of Lenovo PCs and laptops are at risk of having their encrypted traffic get intercepted because of installed-by-default Superfish adware, which handles digital certificates insecurely.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Is your organization running its anti-malware defenses properly? Don't be so sure. A new study finds that essential features built into anti-virus software are not always being used. From an information security standpoint, that's a serious problem.
Lawmakers have begun the process of taking up President Obama's call to enact cyberthreat information sharing legislation. But can Congress reach a consensus on appropriate liability protection, the issue that derailed earlier legislative proposals?
Extradited Russian national Vladimir Drinkman, who's been charged with masterminding the largest-ever hack attack in U.S. history, this week pleaded not guilty in U.S. federal court to 11 charges relating to the theft of 160 million payment cards.