Apps for wearable devices that are designed to track a user's pulse rate, blood-oxygen level or location may be leaking that data during transmission, Symantec security researcher Candid WÃ¼eest warns in a Black Hat Europe briefing.
Disconnecting systems from the Internet via an "air gap" is supposed to make the data they store harder to steal. But at Black Hat Europe, cryptographer Adi Shamir demonstrated how a laser and drone can be used to bypass air gaps.
Two not-for-profit cybersecurity associations have jointly released new guidance to help manufacturers and users of medical devices running the Windows XP or Windows 7 operating systems to quickly assess the devices' security configurations.
The Council of the Inspectors General on Integrity and Efficiency says government data stored on cloud service providers' servers could be at risk because of insufficient enforcement of government rules.
Heartbleed, Shellshock, targeted attacks - the security threats to banking institutions are legion. And there are new ways banks can get better at detecting these evolving threats, says Solutionary's Jeremy Nichols.
Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.
A federal advisory workgroup that makes privacy and security recommendations to the the Office of the National Coordinator for Health IT has officially re-launched with a new name, new members and several new hot topics to tackle in the coming months.
The Department of Health and Human Services has appointed Lucia Savage, an attorney at insurer United Healthcare, as the new chief privacy officer of the Office of the National Coordinator for Health IT.
Exploiting a vulnerability in Microsoft Office, a group of hackers believed to be Russians breached computers operated by the Ukrainian government during September's NATO summit, according to iSight Partners.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Yet another California healthcare breach-related lawsuit - this one involving Alere Home Monitoring - has been dismissed because of the lack of proof that anyone actually viewed data stored on an unencrypted computer device that was stolen.
Cybersecurity Coordinator Michael Daniel says much of the Obama administration's efforts will involve getting whatever IT security policy passed on whatever vehicle is available as long as the measure is acceptable to the White House.