Within one day of the disclosure of the flaw known as Heartbleed, an attacker posing as an authorized user broke into a corporate computer system, exploiting the vulnerability in the OpenSSL protocol, the breach detection firm Mandiant says.
As federal regulators reveal details for the next phase of HIPAA compliance audits, security and privacy experts give the plan mixed reviews. Find out what experts like and don't like about the proposals.
The Royal Canadian Mounted Police have arrested and charged a 19-year-old London, Ontario, man for his alleged role in exploiting the Heartbleed vulnerability to steal data from the Canada Revenue Agency website.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
Tech companies continue to respond to the Heartbleed vulnerability by issuing alerts and patches to mitigate potential data compromises. Learn the latest advice from Trend Micro and ICSA Labs, plus updates from Rackspace, Akamai and Bitcoin.
The HHS Office for Civil Rights will resume its HIPAA compliance audit program this fall with a limited number of narrowly focused "desk audits," plus comprehensive on-site audits "as resources allow."
Media reports indicate HHS Secretary Kathleen Sebelius is resigning from her post. The news follows months of scrutiny over the HealthCare.gov site launch, which experienced disruptions and gaps in security.
As news of the Heartbleed bug continues to spread, government agencies in the U.S. and Canada are issuing statements on the vulnerability. Find out the latest on this threat and what thought-leaders are saying.