The FBI is pursuing a suspected Russian hacker who reportedly amassed a trove of 1.2 billion stolen online credentials, plus payment card data and Social Security numbers, and who's offered access to hacked Facebook and Twitter accounts.
Federal regulators have announced an $850,000 HIPAA settlement with Lahey Hospital and Medical Center stemming from an investigation into the theft of a laptop that was used to operate a medical device.
The Federal Trade Commission's Bureau of Consumer Protection plans to appeal an FTC administrative law judge's initial decision to dismiss the FTC's data security enforcement case against LabMD, a cancer testing laboratory.
Credit rating agency Moody's Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services.
Dell is moving to patch a customer-support application preinstalled on many laptops and PCs after security researchers found that it installs a root certificate that could be abused by attackers to intercept private data.
With the heightening of the threat of cyber-attacks to America's critical infrastructure, a congressional watchdog says federal agencies need to adopt better metrics to determine the risks specific to the industries they monitor.
Starwood Hotels and Resorts has confirmed a point-of-sale breach, but card issuers say they don't believe the Starwood breach is isolated, and that fraud patterns indicate that another, perhaps larger breach, is impacting cards across the country.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
The moment a successful defense is deployed, attackers find new ways to break into networks. In this video interview, Dr. Dale Meyerrose describes the damage wreaked by APTs and the strategies organizations can use to keep attackers at bay.
Several recent data breaches involving email mishaps serve as a reminder of precautions that healthcare entities must take with protected health information contained in digital communications that are sent or received by their organizations.
A messy legal saga between the FTC and LabMD, related to a data security dispute, appears closer to ending with a significant win for the medical testing lab. What comes next in this hotly-contested case?
Flaws highlighted by researchers at Black Hat Europe could be used to bypass self-encrypting drives' crypto, defeat Windows BitLocker, fool self-driving cars, mess with oil and gas ERP systems and more.
A government audit of Internal Revenue Service financial statements reveals deficiencies in internal information security controls, including missing security updates, insufficient audit trails and monitoring for certain key systems and use of weak passwords.
The continuous integration tools that many software developers rely on are often misconfigured or lack security controls, thus putting code at risk, security expert Nikhil Mittal claims at Black Hat Europe.