A new report says the Department of Health and Human Services has several security weaknesses that may have contributed to five recent data breaches. But are other healthcare entities guilty of the same mistakes?
Carphone Warehouse, a U.K.-based mobile phone retailer, is investigating a cyber-attack that may have breached personal information associated with up to 2.4 million customers, and card data linked to 90,000 accounts.
Neiman Marcus has asked a federal court to reconsider its decision to allow a consumer class-action suit to go to trial. If the retailer fails, legal experts say, it could mean a costly setback for breached entities.
Millions of Android devices are at risk from "Certifi-gate," a flaw that OEMs must patch, Check Point warns. Following Stagefright, Google and some manufacturers have promised to deliver monthly Android patches.
Numerous services are enabled by default in Microsoft's Windows 10, and as employees connect their BYOD equipment to corporate networks, the cloud, collaboration and location tie-ins could pose enterprise security risks, experts warn.
The toolbar distributed by Chinese-language search engine Baidu is being targeted by opportunistic attackers and used to exfiltrate corporate secrets, warns Rob Eggebrecht, president and CEO of the security firm InteliSecure.
Mergers and acquisitions, such as two pending mega-deals in the health insurance sector, pose security and privacy risks that need to be addressed before the transactions are completed, during the integration process and over the long haul.
The FBI says numerous financial services firms continue to face DDoS and stolen-data-dump threats from supposed hackers. Security experts say the only effective and sustainable defense is preparation - not payoffs.
The prices for stolen payment card data and other cybercrime products and services on Russian underground forums continue to fall. But the cybercrime ecosystem is more automated, effective and robust than ever, Trend Micro reports.
Post-OPM breach legislation aimed to toughen cybersecurity at federal government civilian agencies by requiring the implementation of state-of-the-art tools has passed the Senate Homeland Security and Governmental Affairs Committee.
U.S. banks and credit unions suing Target for reimbursement of costs associated with its massive 2013 data breach want a court to force the retailer to disclose more details about its breach and security practices.
Planned Parenthood has reportedly notified the FBI and Department of Justice of an apparent hack attack against the organization. An anti-abortion group that calls itself 3301 is taking credit for the hack.
Gene Fay of Resilient Systems says the traditional method of solving risk issues through technologies no longer works. Instead, he says, security must be built on the foundation of an effective incident response plan.