Vulnerable firmware has been highlighted again in a range of low-cost Android phones, raising concerns over their security. This latest incident comes 11 months after security analysts first raised flags.
Adobe will pay a small financial penalty to 15 states to resolve consumer protection and privacy claims following a data breach that affected 38 million active user accounts. The company's legal fees associated with the incident are likely far higher than the settlement amount, experts say.
If President-elect Donald Trump fulfills a campaign promise to repeal Obamacare - which could result in the dismantling of HealthCare.gov and state health insurance exchanges - great caution will be needed to protect the data of millions of consumers contained in those systems.
Last month, the FFIEC issued an FAQ about its Cybersecurity Assessment Tool, reiterating that use of the tool is voluntary. But some critics say regulators are still questioning institutions about their use of the tool during IT examinations, meaning its use is not truly voluntary.
President-elect Donald Trump hopes to dismantle Dodd-Frank, which could spell trouble for the Consumer Financial Protection Bureau - an agency created in 2010 to protect consumers from unfair, deceptive and fraudulent business practices.
Most - but not all - ransomware attacks against healthcare organizations are reportable breaches requiring notification to affected individuals and federal regulators, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains in this video interview.
An analysis of how the Donald Trump administration will address health IT security and privacy leads the latest edition of the ISMG Security Report. Also, the ramifications of a big breach, and an FBI agent tackles ransomware.
Western experts evaluating China's new cybersecurity law contend it will do very little to safeguard information but will erode privacy rights and make it harder for foreign enterprises to do business in China.
The success of Operation SAMBRE, a global cybercrime investigation into the theft of billions of dollars from banks throughout the world, proves why information sharing between law enforcement and the private sector is key to battling cybercrime.
A federal court of appeals has granted a temporary "stay," or delay, in implementing the FTC's consent order against LabMD while the now-shuttered cancer testing laboratory pursues its appeal of the commission's July ruling in the dispute over the lab's information security practices.
Yahoo in 2014 spotted that an attacker - later revealed to have compromised 500 million accounts - was inside its network, according to a new SEC filing. With Yahoo's $4.8 billion sale to Verizon still pending, the admission adds to the search giant's complications.
A group that hacked the Democratic National Committee - believed to be operating from Russia - has resumed its spear-phishing attacks, including fake emails bearing the names of Harvard University and the Clinton Foundation.