The Department of Health and Human Services is lowering its top fines for less egregious HIPAA violations. Meanwhile, it's pledging to make a "big push" to enforce patients' right to access their health records. What's the potential impact?
An independent security researcher is warning about a vulnerability in peer-to-peer software used in millions of IoT devices that could allow a hacker to eavesdrop on conversations or turn these items into a botnet.
As governments around the world continue plans to build out their nations' 5G networks, worries persist about whether Chinese manufacturers can be trusted. But the British government apparently is ready to allow Huawei to supply "noncore" parts of its network, and the Netherlands may be ready to follow suit.
Access risk: Security leaders understand their governance and technology challenges. But addressing them with new automated tools - and selling these new processes within their organizations? Those are the problems attendees attempted to solve at a recent dinner in Philadelphia.
Canada's privacy commissioner says Facebook violated its privacy laws by failing to protect users' personal data. The commissioner plans to take Facebook to federal court for allegedly refusing to implement recommendations to strengthen its privacy framework.
Nearly one year after the EU's new privacy law came into effect, the U.K.'s National Cyber Security Agency continues to assist organizations that suffer cybersecurity attacks. Both NCSC and law enforcement agencies this week emphasized that they will never report breach victims to privacy watchdogs.
The latest edition of the ISMG Security Report describes how a Facebook Marketplace glitch created serious privacy issues. Plus: An update on the activities of the FBI's Recovery Asset Team and HSBC whistleblower Everett Stern's preview of keynote address at upcoming ISMG Fraud and Breach Summit in Chicago.
The risks posed by third-party vendors are a top concern for Aaron Miri, CIO of University of Texas at Austin's Dell Medical School and its affiliated UT Health Austin group practice. He explains steps he's taking to help mitigate those risks.
A recent cyberattack on a California medical imaging and oncology services provider, which prohibited access to patient data, is one of the largest health data breaches reported so far this year.
TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.
Facebook has set aside $3 billion from its first quarter profit to pay for what is likely to be a record-breaking fine from the U.S. Federal Trade Commission. But will mega-fines lead to the reform of tech giants' questionable privacy and security practices?
The director of Britain's GCHQ intelligence agency said at this week's CyberUK conference that declassifying and putting "time-critical, secret information" for stopping online threats into the public's hands "in a matter of seconds" is an imperative.
Google is facing questions from Congress about Sensorvault, its database that stores the geolocation data of millions of Android users, which has sometimes been shared with police as part of criminal investigations.
A sophisticated supply-chain attack dubbed Operation ShadowHammer is becoming more pervasive, with the group targeting online gamers, security researchers at Kaspersky Lab warn.
For the first time, members of the secretive "Five Eyes" intelligence-sharing group will make a joint public appearance to discuss how they collaborate, sharing a stage in Glasgow, Scotland, during the CyberUK conference. The Five Eyes alliance comprises Australia, Canada, New Zealand, the U.K. and U.S.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.