The Department of Health and Human Services has yet to take certain critical actions to help enhance cybersecurity, according to a new GAO report that lists hundreds of recommendations for improving operations that have not been implemented.
Dark patterns are out to get you. The term describes the practice of abusing usability norms to create user interfaces that trick users into divulging their personal details or sacrificing their privacy. Bipartisan legislation proposed in the U.S. Senate, however, would make malicious design illegal.
A new type of malware, dubbed TajMahal, offers its users a host of espionage techniques, including the ability to steal documents sent to a printer queue and pilfer data from a CD, Kaspersky Lab reports. But researchers have only identified one victim so far.
Yahoo is hoping a revamped proposed breach-related settlement will pass muster with a federal judge who rejected the first one for myriad reasons, including high attorney fees and a lack of transparency. The settlement totals $117.5 million, just ahead of health insurer Anthem's $115 million settlement.
FIN6, a cybercrime group that has focused on attacking point-of-sale devices to steal credit card numbers, now also is waging ransomware attacks that target businesses with either LockerGoga or Ryuk, according to a new analysis from security firm FireEye.
A 24-year-old man living in England has been sentenced to more than six years in prison for his role in a ransomware scheme that targeted millions of computers across 20 countries, the U.K.'s National Crime Agency announced Tuesday.
The exits of the Department of Homeland Security secretary and Secret Service director are prompting discussion about the continuity of U.S. cybersecurity policy because the agencies play a key role in securing infrastructure and investigating financial cybercrime.
Technology is making fraud faster to commit, but key methods remain unchanged, says Kenneth Citarella of Guidepost, who provides insights on fraud prevention strategies.
The lack of a strong security culture at Equifax - especially compared to its two main competitors - was a key factor contributing to its 2017 data breach that exposed the personal records of 145 million Americans, according to a 71-page Congressional report.
Browser-based cryptocurrency miners are falling out of favor as virtual currency prices remain low, IBM says. But the company says malware-based miners are coming back, including fileless ones that rely on Powershell. Here's the lowdown.
At RSA Conference 2019 in San Francisco, Information Security Media Group's editorial team conducted more than 150 video interviews with industry thought leaders. Here are the highlights.
Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow.
Strong business resilience metrics for measuring effectiveness, simpler networks and smaller tool sets are all needed to cope with the evolving threat landscape, says retired Major General Earl Matthews, senior vice president at Verodin.
Organizations need to go far beyond putting security software on mobile devices and develop a much broader mobile security strategy, says Michael Covington of Wandera.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
