In a declassified letter to CIA Director William Burns and DNI Avril Haines from 2021, two U.S. senators urged transparency around alleged "bulk surveillance" conducted by the CIA in response to now-declassified documents compiled by the Privacy and Civil Liberties Oversight Board.
Bipartisan legislation introduced by two U.S. senators aims to kick-start the modernization of "outdated" health privacy laws by creating a commission to examine regulatory gaps, including how to address health data falling outside of HIPAA's reach.
Security teams for the Washington Department of Licensing are investigating suspicious activity affecting an online data management system called POLARIS, which has gone offline until further notice. The DOL is advising licensees who were affected to monitor their accounts and credit files.
The Sri Lankan government plans to implement the Unitary Digital Identity Framework, or UDIF, a national biometrics-based digital identity project. But cybersecurity experts familiar with India's Aadhaar program, whose framework Sri Lanka is set to use, have voiced concerns over data protection.
Are ransomware-wielding criminals running scared? That's one likely explanation for the sudden release this week of free, master decryption keys for three different strains of formerly prevalent ransomware: Maze, Sekhmet and Egregor.
Israeli officials announced they will set up a commission of inquiry to investigate reports that the nation's police force used the flagship spyware of Israeli firm NSO Group, called Pegasus, to hack the phones of Israeli public officials, journalists and activists.
Jameeka Green Aaron, CISO of Auth0, says, "We're not protecting technology; we are protecting people." Because of that, she is a strong proponent of "privacy by design" in security controls, and she strongly advocates for viewing fraud and privacy together - not separately.
A variety of underground markets exist to help malware-wielding criminals monetize their attacks, including via log marketplaces such as Genesis, Russian Market and 2easy, which offer for sale batches of data that can be used to emulate a victim, whether it's a consumer, an enterprise IT administrator or anyone in...
Two major EU pieces of legislation - the Digital Markets Act and the Digital Services Act - are about to change the digital landscape.
Academic Victoria Baines discusses how the proposed legislation might be problematic for information security.
As ransomware and other disruptive security incidents continue to surge, cyberattacks rank as the top health technology hazard in hospital environments this year, say security experts Chad Waters and Juuso Leinonen of patient safety organization ECRI.
In 2021, there were 1,862 data compromises - a 68% increase over 2020, according to the Identity Theft Resource Center's Annual Data Breach Report. "In this past year, there were more cyberattack-related data breaches than there were all forms of data breaches in 2020," says ITRC COO James E. Lee.
Israeli spyware company NSO's flagship product, Pegasus, was tested by the FBI, according to reports, prior to the company being sanctioned by the U.S in the wake of revelations of misuse of its tools. Now, U.S. venture capital company Integrity Partners is in negotiation to take control of the company.
Four ISMG editors discuss: how too many organizations fail to implement basic cybersecurity defenses - such as MFA; a proposed lawsuit against health insurer Excellus that calls for an improvement to its data security program; and strategies for securing open-source and other software components.
SLC Lab, a Florida county laboratory that performs drug testing, is notifying thousands of individuals of a web portal misconfiguration incident that left sensitive information accessible to others for more than four years. How can other entities avoid such incidents?
The U.S. Federal Bureau of Investigation has issued a warning to consumers about cybercriminals targeting people through maliciously crafted quick response - or QR - codes that direct them to links where their credentials and financial information are siphoned off.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.