Chinese manufacturer Xiongmai has promised to replace or patch some IoT components that attackers are using to build massive internet of things Mirai botnets to wage DDoS attacks, such as the Oct. 21 disruption of DNS provider Dyn. But security experts question whether these moves will blunt future IoT attacks.
Federal regulators will be kicking off remote HIPAA compliance "desk audits" of business associates next month and more comprehensive onsite audits of both covered entities and BAs early next year. Learn more about what's next for the audit program.
Massive DDoS attacks, targeting DNS provider Dyn, have triggered widespread internet disruptions. Security intelligence firm Flashpoint says the attacks have been perpetrated at least in part via a botnet of Mirai-infected internet of things devices.
Authorities say Yevgeniy Aleksandrovich Nikulin stole credentials from a LinkedIn employee and used them to breach the social networking firm in 2012, in which well over 100 million members' passwords were exposed.
Widespread website outages beginning early Oct. 21 are suspected to have been caused by a massive distributed denial-of-service attack against DNS service provider Dyn. Numerous sites, including Amazon and Twitter, were sporadically unavailable.
Some 3.2 million Indian debit cards may have been compromised, according to the National Payments Council of India. While investigations are ongoing and several banks have reissued at-risk cards, the source of the card exposure has not been officially confirmed.
Former NSA contractor Harold T. Martin III., who is accused of pilfering mass quantities of highly classified information, will remain in jail until his trial. Martin engaged in "a course of felonious conduct that is breathtaking in its longevity and scale," prosecutors say.
Investment firm Muddy Waters Capital and security research start-up MedSec Holdings are again stirring up controversy, this time by releasing a video spotlighting more alleged cybersecurity flaws in St. Jude Medical cardiac devices.
Yahoo, now negotiating its sale to Verizon, has posted an increase in quarterly profits and page views, bolstering its case that its massive data breach didn't irrevocably damage its value. But with ad revenues in decline, time is running out.
In the twelfth HIPAA enforcement action so far this year, federal regulators have smacked St. Joseph Health System with a $2 million penalty after investigating a breach that exposed patient information to internet searches for more than a year. And more enforcement actions tied to other breaches are on the way.
U.S. Presidential candidate Donald Trump's business organization downplayed a finding from a UK-based researcher that the organization uses, in some cases, decade-old email software, posing significant cybersecurity risks.
A recent breach reported by an Arlington, Texas-based pediatric clinic serves as the latest reminder of the substantial risks ransomware poses to patient data. The clinic offers advice to others based on difficulties it experienced in the response to the attack, and security experts also provide insights.