Don't trust the internet of things to maintain common-sense boundaries - or your privacy - as evidenced by a lawsuit against "sensual lifestyle products" manufacturer We-Vibe, alleging that its products tracked customers' usage patterns, indexed by their email addresses.
U.S. prosecutors are expected to soon issue indictments charging four individuals with launching hack attacks against Yahoo, Bloomberg reports. But it's unclear to which of the two massive Yahoo breaches the charges might relate.
FireEye's Mandiant investigative unit is seeing a revival in tried-and-true hacking techniques, ranging from social engineering to the snatching of OAuth tokens. Why are these old techniques still working?
Little by little, the Trump administration is filling key leadership positions in the Department of Health and Human Services that can have an impact on privacy and security issues. Could these new leaders make big changes?
Search giant Yahoo suffered two massive data breaches under the tenure of CEO Marissa Mayer. But when the company wraps up the sale of its primary businesses to Verizon for $4.5 billion, she's set to exit with an extra $23 million in compensation.
An important theme that emerges from the HHS Office for Civil Rights' dozens of HIPAA settlements is that all aspects of compliance are critical and subject to close scrutiny by federal regulators, says former OCR director Leon Rodriguez.
Little is known about Evgeniy M. Bogachev, the alleged hacker and Gameover Zeus botnet mastermind. There are clues, however, that he's been helping Russian intelligence agencies, according to a new report. If true, that wouldn't be a surprise.
FBI Director James Comey worries about data corruption, and he's focused on hackers altering data. But if government leaders feed false information into computer systems, what should IT and IT security practitioners do to protect data integrity?
A groundbreaking study from RAND Corporation quantifies the stakes around how zero-day software vulnerabilities get discovered and persist, bringing hard facts to bear on related - and contentious - debates surrounding vulnerability disclosure and public safety.
So far in 2017, hacking incidents continue to affect the largest number of individuals impacted by major health data breaches. Meanwhile, incidents involving unencrypted computing devices continue to decline, according to the federal breach tally.
Confide, an encrypted messaging application, received a surge of attention after White House officials began using it for leaks. But a teardown of the app by two security firms revealed a raft of serious security issues.
A look at the return of the Crypt0L0cker ransomware leads the latest edition of the ISMG Security Report. Also, assuring the security of medical devices; and U.S. federal prosecutors drop charges against a child porn suspect rather than reveal the hacking technique used to ensnare him.
The U.S. government has opted to drop an indictment against a child pornography suspect rather than reveal the software exploit used to identify him. The case highlights how the use of legal hacking techniques by law enforcement agencies can create complications in court.
In the history of data breaches, Cloudflare's recent breach was strikingly unique, in that a software bug caused a random regurgitation of data from server memory. But a postmortem from CEO Matthew Prince should put most people's concerns to rest.
The European Union's General Data Protection Regulation, which will be enforced beginning in May 2018, will affect organizations throughout the world because it applies to any company that handles Europeans' personal data, says Fred Kost of HyTrust.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.