Cybersecurity specialists need to learn to think like an adversary in order to develop sound defense strategies, says Greg Shannon, chief scientist at the CERT Division of Carnegie Mellon University's Software Engineering Institute.
Microsoft has issued an emergency fix for a vulnerability in Windows Kerberos that is being exploited via in-the-wild attacks. Attackers can leverage the flaw to gain all-access rights to anything inside an Active Directory Domain, experts warn.
Two government watchdog agencies say information security weaknesses at the Department of Veterans Affairs make the VA systems vulnerable to ID theft and potential attacks by foreign entities.
Technically savvy armed robbers who stole an encrypted laptop and smart phone from a physician who works at Brigham and Women's Hospital in Boston demanded that the doctor reveal the devices' passwords and encryption keys as well.
From an intrusion at the U.S. Postal Service to the NSA leaks by former contractor Edward Snowden, this infographic offers a look at the top data breaches affecting government agencies.
A former hospital CFO has pleaded guilty to submitting false documents so the medical center could receive payments from the HITECH Act EHR incentive program. Some legal experts say other federal prosecutions for HITECH Act fraud are likely.
Staples has confirmed that its retail point-of-sale systems were compromised earlier this year by malware-wielding attackers. Learn what two card issuers say about fraud tied to the breach.
The hacking of the State Department's unclassified systems, revealed over the weekend, and a similar incident involving a White House network, unveiled last month, are linked, an official says.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
The Walgreens case is the second state court ruling in recent weeks that calls attention to how incidents involving alleged patient privacy violations can lead to negligence lawsuits that invoke HIPAA as a benchmark.
The stiff sentence of a cybercriminal for his role in an Internet-based scheme that trafficked in hacked payment card sends a strong message about the serious nature of ID theft. But experts say more tough sentences are needed to deter fraudsters.
The State Department shuttered its unclassified e-mail system over the weekend as a result of a suspected hack, reportedly the same breach that the White House last month said hit its computer system.
From PCs to tablets to smartphones, customers enter institutions from all electronic angles. And these new banking habits put new strains on traditional IT infrastructure. How can banks ensure security?
Brendan Hannigan became IBM's top security systems executive in 2011, when Big Blue acquired the company he ran, Q1 Labs. Hannigan says acquisitions will remain a key component in the growth of IBM's security business.
A Connecticut Supreme Court ruling paving the way for a case involving accusations of negligence stemming from an alleged violation of HIPAA privacy standards could potentially have an impact on data breach cases, the plaintiff's attorney says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
