A Russian cybercriminal who used the Citadel banking Trojan to infect at least 7,000 PCs has received a 4.5 year jail sentence. Authorities tracked him in part thanks to his posts to a Citadel user group.
Reports that a Linux-based botnet has been lobbing 160 Gbps packet storms highlight how DDoS attacks remain alive and well. Experts also warn that DDoS attackers are mixing Windows and Linux malware and running extortion scams.
The HHS Office for Civil Rights should take 10 steps to strengthen its oversight of HIPAA Privacy Rule compliance as well as improve followup activities on reported data breaches, a government watchdog agency concludes in two new reports.
Even if China fails to live up to its promise to stop pilfering corporate trade secrets, as America's spy chief predicts, the U.S. could still benefit diplomatically from the two nations' cybersecurity agreement.
A new GAO report points out persistent cybersecurity weaknesses among the federal government's two dozen largest agencies. It also questions the comprehensiveness of the guidance inspectors general receive for auditing the IT security compliance of agencies.
It's been two years since enforcement of the HIPAA Omnibus Rule's modified breach notification requirements began. But the most significant changes in the federal tally of major health data breaches since then appear to have more to do with a surge in hacker activity than the new requirements under HIPAA Omnibus.
The hotel chain bearing 2016 U.S. presidential candidate Donald Trump's name has confirmed that its point-of-sale systems were malware-infected for more than a year, but it's downplaying the possibility that card data was exfiltrated or used to commit fraud.
The leader of a $24 million identity theft and tax refund fraud ring, which stole data from a military hospital, the Alabama Department of Public Health and others, has been sentenced to serve 15 years in prison. Experts recommend steps organizations can take to prevent such crimes.
Europe's successful migration to EMV, which began more than a decade ago, employed deadline shifts, education for cardholders and merchants and an approach based on PIN codes. Here are lessons for the in-progress U.S. migration to EMV.
The U.S. and China, as part of a cybersecurity agreement, have agreed not to conduct or knowingly support cyber-enabled theft of intellectual property with the intent of providing competitive advantages to companies or commercial sectors.
Security experts warn about a trio of new threats: GreenDispenser cash-out malware, the Shifu banking Trojan being spread via malvertising attacks and Neutrino crimeware getting an upgrade to steal payment-card data.
Federal auditors say a data repository used for data analysis and reporting for the Affordable Care Act, better known as Obamacare, had numerous data security shortcomings that have since been addressed. Security experts say the problems cited are common to many organizations.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.
The number of apps infected in the first large-scale Apple App Store malware outbreak is far higher than was first believed, according to the cybersecurity firm FireEye, which reports that at least 4,000 apps were infected with XcodeGhost malware.
A former wealth management adviser at Morgan Stanley pleaded guilty this week to stealing confidential client information. Some fraud-prevention experts say the investment banking firm could have taken steps to detect the suspicious insider activity sooner.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.