Two weeks after the launch of Heartbleed.com, traffic to the site remains strong and tweets still flow at a brisk pace. Site creator Codenomicon is helping IT practitioners to mitigate the OpenSSL flaw - and attracting customers, too.
Within one day of the disclosure of the flaw known as Heartbleed, an attacker posing as an authorized user broke into a corporate computer system, exploiting the vulnerability in the OpenSSL protocol, the breach detection firm Mandiant says.
As federal regulators reveal details for the next phase of HIPAA compliance audits, security and privacy experts give the plan mixed reviews. Find out what experts like and don't like about the proposals.
While the 2014 Healthcare Information Security Today survey indicates more healthcare entities are performing HIPAA security risk assessments, smaller providers and business associates are still struggling with this task, says security expert Kate Borten.
Although access to electronic health information is expanding to more users, including patients, many healthcare organizations are still reluctant to use advanced methods of authentication, says Jeff Cobb, CISO at Capella HealthCare.
The Royal Canadian Mounted Police have arrested and charged a 19-year-old London, Ontario, man for his alleged role in exploiting the Heartbleed vulnerability to steal data from the Canada Revenue Agency website.
Many covered entities are still tackling the challenge of making sure their business associates are HIPAA compliant, says security specialist Andrew Hicks, who analyzes the results of the 2014 Healthcare Information Security Today survey .
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.