Three recently disclosed health data security incidents - including the discovery of a large email hack that happened nearly a year ago - serve as reminders of the ongoing incident response challenges facing healthcare organizations. And these difficulties are likely to worsen during the COVID-19 crisis.
IT services and consulting giant Cognizant is still assessing the damage from a ransomware attack on Friday. And it's warning that the incident is disrupting services to some of its clients and could affect the company's revenue.
About 267 million Facebook user IDs and other user information is being offered for sale on a dark net site for about $540, according to cybersecurity intelligence firm Cyble, which says the data, which does not include passwords, could be used for phishing and other schemes.
The use of telehealth is ramping up as a result of the COVID-19 pandemic. Now, the latest arrest in connection with a $410 million healthcare fraud case that includes a multi-million dollar telemedicine-related fraud scheme serves as a cautionary tale of how fraudsters can abuse telehealth.
All contact-tracing apps for combating COVID-19 must be developed in an open and transparent manner, remain voluntary, be based on Bluetooth, and allow users to opt in, or else they risk making the global pandemic even worse, 200 of the world's leading scientists and researchers have warned.
The U.S. Treasury Department is anticipating fraud as the IRS distributes about $300 billion in direct cash payments to Americans to provide economic relief during the COVID-19 pandemic. Russian-speaking fraudsters already appear to be trying to game the IRS's online systems, one security expert notes.
Massachusetts and Indiana have reached separate settlements with Equifax over the 2017 data breach that exposed the personal information of millions of residents of both states. The company will pay a total of almost $38 million to settle with the states.
With $30 million in funding, Silicon Valley icons Jim Clark and Tom (TJ) Jermoluk launched Beyond Identity, a new identity management platform that promises "the end of passwords." Jermoluk discusses the technology and how this is a continuation of what he and Clark started 25 years ago.
CISA issued a warning to organizations running Pulse Secure VPN servers that their networks may still be vulnerable to hacking even if they applied patches for a previous flaw. Attackers are now using stolen Active Directory credentials to access networks.
"Fraud guides" designed to assist cybercriminals in carrying out schemes that leverage stolen financial or personal data are the most common offerings on three prominent dark net marketplaces, according to security firm Terbium Labs.
For many cybercrime investigators, it's all about indicators of compromise - evidence that a crime has occurred. But what if you were to shift toward cataloging behaviors that could indicate an attack is ongoing or imminent? Sam Curry of Cybereason explains the IoB concept.