A report claims British intelligence agency GCHQ knew in advance that the FBI planned to arrest WannaCry "hero" Marcus Hutchins when he visited the United States for the annual Black Hat and Def Con conferences last month. The information security community asks: Is that justice?
Locky is back. After falling off the radar last year, the ransomware is once again being distributed via massive spam campaigns - run by the Necurs botnet - in the form of two new variants named Diablo and Lukitus.
Security vendors are known to sprinkle hyperbole among their claims. But the strategy has backfired for DirectDefense, which mistakenly cast endpoint protection vendor Carbon Black as a contributor to the "world's largest pay-for-play data exfiltration botnet."
Nationwide Mutual Insurance Co. will pay a $5.5 million settlement and update its security practices as a result of an agreement with attorneys general in 32 states and the District of Columbia in the wake of a 2012 data breach affecting more than 1.2 million individuals.
A proposed Senate bill aims to bolster the cybersecurity of medical devices, including creating a report card that provides transparency about a device's "cyber capabilities" and results from cyber risk assessments and testing. Does bill overlap with work already underway?
Britain's home secretary claims that "real people" don't really want unbreakable, end-to-end encryption - they just like cool features. Accordingly, she asks, why can't we just compromise and add backdoors, thus breaking crypto for everyone?
The effort to improve the matching of patients to all the right records from multiple sources may get a new boost from Congress. Learn about the latest effort to help ensure clinicians have secure access to all the right records for the right patient - and the implications for CISOs.
Christopher Painter, who has advocated for diplomatic engagement with cyber friends and foes alike, is leaving his post as coordinator of cyber issues at the State Department, a job he has held since early 2011.
Two GOP senators are asking federal regulators to recoup potentially millions of dollars worth of allegedly inappropriate EHR incentive payments made under the HITECH Act. If the money is clawed back, what's the potential impact on data security spending?
Demands by politicians that people must be willing to surrender their privacy rights to help security services battle cybercrime are shorthand for governments having significantly underinvested in the required resources, says information security expert Brian Honan.
In an exclusive in-depth interview, Genevieve Morris of the Office of the National Coordinator for Health IT discusses the agency's plans for ramping up its efforts to advance the secure exchange of health data to improve care - and seeks feedback.
Although the Office of the National Coordinator for Health IT is phasing out its chief privacy officer position, a focus on data security and privacy will continue to be interwoven into all the work the office does, including electronic health record interoperability efforts, the head of the office pledges.