Security researchers warn of "Xara" flaws in Apple iOS and OS X that could be used to intercept passwords and banking data, as well as a keyboard app that puts more than 600 million Samsung device users at risk.
Well-known health data privacy expert and federal adviser Deven McGraw is joining the Department of Health and Human Services' Office for Civil Rights as its new deputy director for health information privacy, heading its HIPAA enforcement efforts.
The FBI and Justice Department are investigating a 2014 hack that compromised systems owned by the Houston Astros professional baseball team, which was allegedly launched by the rival St. Louis Cardinals.
Exasperated House Oversight Committee Chair Jason Chaffetz faults OPM Director Katherine Archuleta for not embracing a 2014 inspector general recommendation to shutter unauthorized IT systems that hackers eventually breached.
A new Obama administration cybersecurity initiative isn't placing new burdens on federal government agencies; it's aimed at getting them to comply with recommended safeguards they've failed to implement.
When it comes to health data breaches, business associates are again grabbing headlines, calling attention to the importance of scrutinizing vendors. The latest incident involves a breach that wasn't reported to a covered entity for eight months.
The investigation into the U.S. Office of Personnel Management breach has reportedly found that foreign spies may have stolen deeply personal information on up to 14 million current and former federal workers, going back three decades.
Some privacy experts say a new Internal Revenue Service collaborative initiative aimed at reducing identity theft and fraud affecting taxpayers comes up short. Find out what other steps they'd like to see the IRS take.
Medical Information Engineering, which offers Web-hosted EHRs as well as personal health records, reports a hacker attack has exposed an undisclosed number of patients' health information and Social Security numbers.
A massive breach at the U.S. Office of Personnel Management wasn't discovered by government sleuths - or the Einstein DHS intrusion detection system - but rather during a product demo, a new report says.
In addition to providing training, healthcare organizations should consider implementing technology to help prevent user mistakes that can lead to breaches of protected health information, says Geoffrey Bibby of ZixCorp.
With regulators gearing up to begin the next phase of HIPAA compliance audits, many covered entities appear to be overconfident about passing that scrutiny, according to the results of ISMG's latest Healthcare Information Security Today survey.
Encrypted browsing - using HTTPS - helps secure online communications, and Apple says developers must now employ the protocol by default. Likewise, the White House says that by 2017, all federal websites must adopt HTTPS-only policies.
Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.