Warning: All versions of Flash Player are vulnerable to a zero-day, weaponized exploit that became public when Italian spyware vendor Hacking Team was hacked, and 400 GB of corporate data leaked. Adobe has released an update to patch the flaw.
A dozen well-known cryptographers and information security specialists have published a paper explaining why they believe it's unfeasible to create a so-called "backdoor" to allow law enforcement to decrypt encoded information.
Covered entities find it difficult to prevent unauthorized access to patient data by members of their staffs. Preventing breaches involving insiders at business associates can be even trickier, as an incident affecting Meritus Health illustrates.
Italian surveillance software maker Hacking Team has confirmed that it was hacked and recommends police, law enforcement and government agencies suspend their use of its software, pending a full breach investigation.
Following its mega-breach, the U.S. Office of Personnel Management suspends use of its online background check application system, citing a vulnerability. Also, the agency now faces a breach-related lawsuit filed on behalf of federal workers.
Just how bad is the U.S. Office of Personnel Management breach? Consider that spies may now have access to every secret - sexual, financial, familial, medical - shared by personnel seeking security clearances to access classified U.S. information.
As hackers increasingly focus their attacks on the government and healthcare sectors, it's more critical to ensure that consumers' personal data is handled securely on Obamacare's HealthCare.gov website as well as state health insurance exchanges.
The NSA secretly widened its warrantless surveillance of Americans' international Internet traffic to seek evidence of malicious computer hacking, according to published reports based on documents leaked by former NSA contractor Edward Snowden.
During a time of significant change for corporations, when today's modern network extends far beyond the company's physical walls, it's disturbing that companies face such well-organized and pervasive threats.
The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
In a case also involving kidnapping and drug conspiracy, two individuals - a former hospital worker and a convicted drug trafficker - have been sentenced to prison for HIPAA privacy violations. Learn who received the maximum sentence.
In assessing risk, computer security has three characteristics: confidentiality, integrity and availability. But not all of those traits help systems designers assess privacy risks. So NIST is developing a privacy risk management framework.
Some healthcare associations are seeking more clarity from federal regulators about security and privacy requirements proposed for Stage 3 of the HITECH Act "meaningful use" incentive program for electronic health records. Find out their concerns.
The Senate has moved closer to approving the USA Freedom Act, with a vote expected in the coming days on the House-passed legislation to provide for surveillance of Americans' phone records with approval of a court order.