Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
Broadcom has reportedly suspended its effort to acquire Symantec after the two companies failed to agree on a price for the deal. The negotiations had been ongoing for several weeks.
The group behind the Sea Turtle espionage campaign that was exposed in April is expanding its geographic reach and claiming new victims, according to researchers with Cisco's Talos unit.
Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.
In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers. The campaign is similar to an earlier attack that focused on Apple users.
Enumerating medical devices, identifying where the security risks lie and then implementing a multilayered defense plan to mitigate risks should be top priorities for healthcare organizations, says thought leader John Halamka, M.D., executive director for technology exploration at Beth Israel Lahey Health.
When it comes to supply chain risk, many organizations overlook how dependent they are on those critical relationships, says Matt Kraning of Expanse. As a result, they are minimizing serious security vulnerabilities. Kraning offers insights on re-thinking that dynamic.
After a long privacy investigation, the U.S. Federal Trade Commission voted to levy a $5 billion fine against Facebook, according to the Washington Post and the Wall Street Journal.
A former software engineer for an Illinois-based locomotive manufacturer allegedly stole proprietary information and other intellectual property from the company before fleeing to China, according to an indictment the U.S. Justice Department unsealed Thursday.
Incidents involving supply chain vendors pose increasingly significant risks to health data, says Rick McElroy of Carbon Black, who addresses "island hopping" and other emerging threats.
The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies.
The success of security operations centers will depend on how well they blend key technologies - including detection, user behavior analytics and orchestration, says Haiyan Song of Splunk, who offers strategic insights.
George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize.
A new ransomware strain called eCh0raix is targeting enterprise storage devices sold by QNAP Network by exploiting vulnerabilities in the gear and bypassing weak credentials using brute-force techniques, warns security firm Anomali.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
