Fancy Bear strikes again: the suspected Russian hacking group released confidential medical records for four U.S. Olympic athletes, falsely contending the documents prove illegal drug use by the Olympians.
The cybercrime sector involves a rapidly growing services economy that provides everything from bulletproof hosting and stresser/booter DDoS on demand, to ransomware-as-a-service and sites that offer to launder bitcoins via a process known as tumbling.
Is recently issued guidance from federal healthcare regulators clarifying when a ransomware attack needs to be reported starting to have an impact? Two recent breach notifications could be an early indication that the answer is yes.
A watchdog agency report highlighting data security violations by a Department of Veterans Affairs medical contractor offers a reminder to all healthcare organizations about similar risks their business associates can pose - especially if BAs are inadequately monitored.
Two men have been arrested by Israeli police, at the request of the FBI, in connection with an investigation into the vDos site, which provided distributed denial-of-service - a.k.a. stresser or booter - attacks on demand.
SentinelOne, one of a batch of vendors using machine learning to conquer malware, says it will not integrate its behavioral detection engine into Google's VirusTotal service. CEO Tomer Weingarten claims the investment wouldn't provide a worthwhile return.
Recent data breaches involving mental health and substance abuse information highlight some of the special challenges that organizations can face in protecting extra-sensitive patient records. In one incident, stolen patient data was reportedly posted on the dark web.
Two men allegedly tied to the hacking group "Crackas With Attitude" have been arrested as part of an investigation into hacks of U.S. government systems and senior government officials, including CIA Director John Brennan's personal AOL email account.
Wells Fargo will pay $185 million in fines over employees illegally subscribing customers to banking products they didn't request - creating 2 million ghost accounts in the process - in what appears to be one of the largest cases of identity theft ever recorded.
President Obama has named Gregory Touhill, a retired Air Force brigadier general, as the U.S. federal government's first CISO. But his tenure could be brief because the next president could replace him or do away with the new position.
Internet of Things alert: Many embedded systems contain hardcoded cryptographic credentials that attackers could use to seize control of the devices or crack encrypted website traffic. And the problem is only getting worse, says security firm SEC Consult.
A lawsuit filed by St. Jude Medical claims that a recent report alleging dangerous cybersecurity vulnerabilities in its implantable cardiac devices was financially motivated and contained false statements and "market-bombshell scare tactics."
As the Office of Personnel Management purged a hacker, another intruder who secretly infiltrated the system stole 20.5 million records containing personal information of government workers and contractors, a new GOP report says. Democrats dispute many of the report's key findings about security shortcomings.
The National Institute of Standards and Technology is moving ahead with an initiative to create standards for cryptographic algorithms for small computing devices, such as those found in automobiles, control systems, smart grids and the Internet of Things.
A former administrative worker at a Florida pediatric practice has been indicted in federal court along with two others for alleged identity theft and fraud crimes involving stolen patient information. But why didn't prosecutors file HIPAA-related criminal charges?