Blunting Yahoo's attempt to blame nation-state attackers for its record-breaking breach, security firm InfoArmor says it's traced the 2014 hack to a cybercrime gang that's quietly resold the stolen data several times over.
Vulnerable internet-connected devices have been unwittingly drafted into electronic battle for DDoS attacks that have escalated to a new intensity in recent weeks.
A new watchdog agency report says HHS needs to provide much more guidance on how healthcare organizations should implement controls identified by the NIST Cybersecurity Framework. But some security experts are calling for bolder action - an update of the HIPAA Security Rule.
A new cyberattack trend report from Europol notes that while online criminals continue to refine their capabilities, old and unsophisticated attacks too often still succeed, thanks to poor digital hygiene and a lack of security by design and user awareness.
House Homeland Security Committee Chairman Michael McCall calls on Congress to increase spending on quantum computing research to ensure that the United States is the first nation to employ quantum computing as a tool to decrypt data. "We can't lose this one to the Chinese," he says.
Several civil lawsuits have been filed against Yahoo over the compromise of 500 million accounts. But such lawsuits have a mixed record of success in U.S. federal courts.
The more than 11,000 financial institutions that use the SWIFT interbank messaging network must annually prove they comply with its new cybersecurity standards or face being reported to regulators and business partners.
Federal regulators have entered a $400,000 settlement with an organization that provides centralized corporate support services for a number of New England-area covered entities, citing the lack of an updated business associate agreement. What lessons can be learned from the settlement?
Most enterprises, when addressing mobile security, focus on securing applications, such as the devices' operating systems, or preventing the installation of malware. But NIST cybersecurity experts say organizations should take a much broader approach to ensuring mobile security.
A recent court ruling illustrates yet another way patient privacy can be compromised. A federal bankruptcy court slapped WakeMed Health and Hospitals with financial penalties for exposing patient information in filings it made for cases.
Yahoo's disclosure of 500 million stolen accounts, one of the largest-ever data breaches, comes after months of dark-web chatter that indicated the company may be the next victim following Twitter, LinkedIn and Dropbox.
A recent incident involving a vendor using a Boston clinic employee's credentials to inappropriately access patient data via a regional health information exchange illustrates the potential risks involved as the use of HIEs continues to grow.
A group of cybersecurity policymakers recommends a series of steps the U.S. federal government and the private sector should take to ensure that the nation will have enough cybersecurity specialists in the coming decade.
Electric car manufacturer Tesla has updated its firmware after researchers in China remotely turned on a vehicle's windshield wipers, opened the trunk and applied the brakes in new Model S sedans.
Three recent criminal cases involving hospital insiders who allegedly committed a variety of fraud, identity theft or egregious privacy violations that victimized patients highlight just how difficult it is to mitigate insider threats.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
