Similar to security deficiencies often found in the U.S. healthcare sector, weak security controls and practices are putting Australian patient data and hospital services at high risk for serious cyberattacks, according to a new government audit.
Microsoft has taken the unusual step of issuing a second warning about BlueKeep, a vulnerability that, if left unpatched, could allow an attacker to use a worm-like exploit to take over devices running older Windows operating systems. Security researchers warn that exploits are coming.
Post-GDPR, the California Consumer Privacy Act was the first piece of US legislation to emerge - but it's hardly the last. Attorney Sadia Mirza of Troutman Sanders talks about the potential impact of CCPA and other pending privacy legislation.
The right authentication controls at the right time for the right transactions - the adaptive authentication message is taking off, says OneSpan's Tim Bedard. And here are some quick wins organizations might focus on when starting down the path.
Checkers Drive-In Restaurants says 102 of its 900 U.S. locations were hit with point-of-sale malware, with one California restaurant infected over a more than two-year period starting in December 2015. Checkers is the latest victim in a string of attacks against retailers, restaurants and hotel chains.
Private equity firm Insight Partners has announced it's acquiring threat intelligence specialist Recorded Future in a $780 million all-cash deal, capping a week of significant deal-making activity in the global information security vendor market. Find out what other deals were announced.
A security researcher has found a significant flaw all versions of Docker, an open source container platform, that can give attackers read and write access to all the files within the host system, allowing them to execute arbitrary code. As of now, there's no patch available.
Anyone looking for clarity on whether Special Counsel Robert Mueller believes President Trump is innocent of committing any crimes came away empty-handed from Mueller's press conference Wednesday, when he declined to exonerate the president. But Mueller again accused Russia of attempted election interference.
News aggregator Flipboard has initiated a systemwide password reset affecting as many as 150 million users following two database intrusions. Flipboard doesn't collect ID or financial information, but users could be at risk if they have reused their Flipboard password on other services.
Cloud-based electronic health records vendor Medical Informatics Engineering has signed a $900,000 settlement with 16 state attorneys general in a case involving the same 2015 data breach that was at the center of a recent $100,000 settlement with a federal regulator.
One year after Europe's tough new GDPR privacy law went into full effect, authorities in Britain have seen the number of annual data breach notifications more than quadruple. Meanwhile, the number of data protection complaints filed by Europeans has doubled.
Federal regulators have issued new guidance clarifying when a business associate can be held directly liable for compliance with the HIPAA privacy, security and breach notification rules. Why is there still so much confusion?
Reports that the city of Baltimore was attacked using a vulnerability in Windows originally stockpiled by the National Security Agency have triggered a blame game. Cybersecurity watchers are debating attacker culpability, patch management prowess and zero-day stockpiling.
A security researcher warns that nearly 1 million devices running older versions of Microsoft Windows remain vulnerable to a recently discovered flaw in Microsoft's Remote Desktop Protocol service that could enable attackers to use a worm-like exploit to take over unpatched machines.