Flaws highlighted by researchers at Black Hat Europe could be used to bypass self-encrypting drives' crypto, defeat Windows BitLocker, fool self-driving cars, mess with oil and gas ERP systems and more.
A government audit of Internal Revenue Service financial statements reveals deficiencies in internal information security controls, including missing security updates, insufficient audit trails and monitoring for certain key systems and use of weak passwords.
The continuous integration tools that many software developers rely on are often misconfigured or lack security controls, thus putting code at risk, security expert Nikhil Mittal claims at Black Hat Europe.
In the wake of massive health data breaches, four U.S. Senators are demanding that the Department of Health and Human Services provide details about how it tracks medical ID theft and fraud and assists victims. But is HHS positioned to address the issues?
Financial institutions no longer can rely on strong passwords or even two-factor authentication to secure their customers' data. Instead, they must weed out fraudsters through the use of behavioral analytics and passive biometrics, Ryan Wilk of NuData Security says in this video interview.
The annual Black Hat Europe conference launched on an introspective note, with security expert Haroon Meer using a best-selling book on individuals' workplace failures to argue that it's time for information security professionals to stop making excuses.
Although the U.S. Office of Personnel Management has granted the Department of Homeland Security permission to hire 1,000 cybersecurity specialists, that authorization doesn't ensure that 1,000 experts will be hired anytime soon.
A data breach potentially affecting 16,000 patients at a group of Texas pediatric clinics spotlights the challenges in preventing and detecting breaches involving insiders who are authorized to access records.
As cyberattacks become more sophisticated, organizations need to convert data into proactive threat intelligence, says Jim Penrose of Darktrace. In a video interview, he describes the concept of an "Enterprise Immune System."
Cable TV provider Cox Communications will pay a fine and implement a seven-year monitoring program to settle an FCC complaint after suffering a 2014 breach at the hands of a Lizard Squad hacker. Find out the size of the FCC's latest breach-related penalty.
Fraudsters are increasingly using global brands, including Apple, to fool consumers into providing personal and financial information that can be used to compromise financial accounts. Experts offer insights on the latest trends and how to respond.
Hartford Hospital and its business associate, EMC Corp., have agreed to pay a fine as part of a health data breach settlement with Connecticut's attorney general. Learn about the size of the financial penalty and other settlement details.
The group of hackers who recently claimed to have hacked the CIA director's personal email account now says it has breached an FBI information-sharing portal. So far, the group has released contact information for about 2,400 law enforcement users.
While 2015 is already a record year for mega breaches in the healthcare sector, recent incidents involving common, persistent problems - as well as smaller scale hacker attacks - continue to litter the federal tally of health data breaches.