A developer warns that Dropbox gains wide-ranging access to Apple's OS X operating system using a SQL trick that some equate to hacking users' systems. Here's why giving a desktop app unusual access to Apple's privacy settings poses a security risk.
Have you been the target or victim of ransomware-wielding attackers? The FBI wants individuals and businesses to report ransomware attacks to help it better pursue, disrupt and potentially arrest suspects.
B. Vindell Washington, M.D., the new head of the Office of the National Coordinator for Health IT, pledges that the agency's top priority of advancing standards-based interoperable, secure health data exchange will continue under his leadership. But what will happen once a new president is elected?
The handling of a recent data breach - the details of which are still unfolding - by Oakland, Calif.-based web services company Regpack provides a look into how the discovery and disclosure of a breach can turn into a real train wreck.
The Department of Health and Human Services is gearing up for its first-ever round of HIPAA compliance audits of business associates, and is also developing new guidance aimed at helping organizations deal with a surge in cyber threats.
All in the family: A "sophisticated attacker" alert from US-CERT, urging enterprises to lock down their networking gear, was triggered by the leak of exploit tools - targeting, in part, U.S.-built networking gear - that may have been tied to the NSA.
A watchdog agency report highlighting data security violations by a Department of Veterans Affairs medical contractor offers a reminder to all healthcare organizations about similar risks their business associates can pose - especially if BAs are inadequately monitored.
Those who embrace good cyber hygiene in their personal lives are likely to be more aware of information security on the job as well, says Steve Durbin of the Information Security Forum, who'll deliver a keynote address at Information Security Media Group's Fraud and Breach Prevention Summit in Toronto.
Chipmaker Intel will spin out its Intel Security unit - once again named McAfee - with a value that's markedly lower than what it paid. Meanwhile, long-gone founder John McAfee is suing for the right to launch a new security company bearing his name.
A lawsuit filed by St. Jude Medical claims that a recent report alleging dangerous cybersecurity vulnerabilities in its implantable cardiac devices was financially motivated and contained false statements and "market-bombshell scare tactics."
The breach of porn site Brazzers - which allows users to swap fantasies in online forums - begs the question of how many users employed throwaway usernames and passwords. Some 1,446 U.S. military and 41 U.S. government email addresses were found in the data dump.
If Russia is, indeed, meddling with the U.S. election, there's an obvious explanation: It's irritated by U.S. policy. But if Russia's frustration is being expressed through cyberattacks, how can the U.S. respond?
A former administrative worker at a Florida pediatric practice has been indicted in federal court along with two others for alleged identity theft and fraud crimes involving stolen patient information. But why didn't prosecutors file HIPAA-related criminal charges?
Tens of thousands of Cisco Adaptive Security Appliance devices remain vulnerable to a zero-day exploit released last month as part of the Equation Group toolset dump by Shadow Brokers, according to scans conducted by security firm Rapid7.