The Department of Health and Human Services is gearing up for its first-ever round of HIPAA compliance audits of business associates, and is also developing new guidance aimed at helping organizations deal with a surge in cyber threats.
All in the family: A "sophisticated attacker" alert from US-CERT, urging enterprises to lock down their networking gear, was triggered by the leak of exploit tools - targeting, in part, U.S.-built networking gear - that may have been tied to the NSA.
Microsoft has released a slew of security fixes to patch critical vulnerabilities, including in its IE and Edge browsers. One zero-day flaw, fixed via a Microsoft Office patch, has been exploited in the wild for more than two years.
An undercover test by a federal watchdog agency found that previously identified process-related weaknesses persist that could potentially allow individuals to fraudulently enroll in subsidized health insurance programs via federal and state Obamacare online insurance exchanges.
Fancy Bear strikes again: the suspected Russian hacking group released confidential medical records for four U.S. Olympic athletes, falsely contending the documents prove illegal drug use by the Olympians.
The cybercrime sector involves a rapidly growing services economy that provides everything from bulletproof hosting and stresser/booter DDoS on demand, to ransomware-as-a-service and sites that offer to launder bitcoins via a process known as tumbling.
The paradigm shift in security from prevention to detection and response has finally arrived in Asian markets, says Sid Deshpande, Gartner principal analyst, who shares insights on 2016 trends.
Is recently issued guidance from federal healthcare regulators clarifying when a ransomware attack needs to be reported starting to have an impact? Two recent breach notifications could be an early indication that the answer is yes.
A Londoner who pleaded guilty to hacking into a gold bullion trading company's computers so criminal associates could intercept gold shipments has been sentenced to serve more than five years in jail.
Bank watchdog Sen. Elizabeth Warren is going after Wells Fargo for violating the privacy of bank customers. This news leads the latest edition of the ISMG Security Report.
The massive Sony breach spelled out the risks facing any business that deals in digital content. Here's how David Hahn, CISO of publishing giant Hearst, keeps the cybersecurity conversation going with his board of directors.
A watchdog agency report highlighting data security violations by a Department of Veterans Affairs medical contractor offers a reminder to all healthcare organizations about similar risks their business associates can pose - especially if BAs are inadequately monitored.
Two men have been arrested by Israeli police, at the request of the FBI, in connection with an investigation into the vDos site, which provided distributed denial-of-service - a.k.a. stresser or booter - attacks on demand.
SentinelOne, one of a batch of vendors using machine learning to conquer malware, says it will not integrate its behavioral detection engine into Google's VirusTotal service. CEO Tomer Weingarten claims the investment wouldn't provide a worthwhile return.
Two men allegedly tied to the hacking group "Crackas With Attitude" have been arrested as part of an investigation into hacks of U.S. government systems and senior government officials, including CIA Director John Brennan's personal AOL email account.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.