A misconfigured database at UW Medicine in Washington state that left patient data exposed on the internet for several weeks resulted in a breach affecting almost 1 million individuals. Why are breaches caused by such misconfigurations so common?
A rush by some media outlets to attribute a late-2018 alleged Ryuk ransomware infection at Tribune Publishing to North Korean attackers appears to have been erroneous, as many security experts warned at the time. Rather, cybercrime gangs appear to be using Ryuk, according to researchers at McAfee and Coveware.
A Congressional committee is demanding Facebook provide answers concerning a complaint filed with the FTC alleging misleading privacy practices involving personal health information. The complaint also alleged a data leak exposed the names of over 10,000 cancer patients participating in a Facebook group.
Technology giants stand accused by a U.K. parliamentary committee of risking democracy in pursuit of profit, acting as monopolies and blocking attempts to hold them accountable. But Parliament's probe into disinformation and "fake news" reserves special scorn for Facebook CEO Mark Zuckerberg.
Among the hundreds of responses to a federal request for comments about potential changes to the HIPAA rules were suggestions for "safe harbors" that would shelter organizations with strong security strategies from HIPAA enforcement actions after a health data breach.
Good news for many victims of GandCrab: There's a new, free decryptor available from the No More Ransom portal that will unlock systems that have been crypto-locked by the latest version of the notorious, widespread ransomware. But the ransomware gang appears to already be prepping a new version.
The internet is composed of a series of networks built on trust. But they can be abused due to weaknesses in older protocols, such as Border Gateway Protocol and the Domain Name System, which were not designed to be secure and are now being abused for online crime and espionage.
A security consultancy discovered Facebook user data exposed in two different places online without authentication or encryption. The data, which is now offline, came from an Android app that purported to offer statistical information to logged-in users.
Britain's intelligence establishment has reportedly concluded that any risks posed by Chinese-built Huawei networking equipment used as part of the country's 5G rollout can be minimized if the process is appropriately managed.
A famed British computer security researcher has lost several key motions in a federal hacking case that stems from his alleged contribution to two types of banking malware. The rulings could complicate the challenges for the defense team of Marcus Hutchins, who remains in the U.S.
ISMG and Zscaler hosted a roundtable dinner in Denver focused on security's role in digital transformation. Cultural and leadership challenges were major themes of this discussion, and Bil Harmer, Americas CISO with Zscaler, discusses his takeaways in this exclusive eBook transcript.
Bil has been in Information...
A former U.S. Air Force counterintelligence agent was indicted for disclosing classified information and helping Iran compromise the computers of other U.S. intelligence agents. The case marks another damaging leak for the American government.
The 2019 RSA Conference offers an opportunity to learn about new concepts across all aspects of cybersecurity. One such area is "data gravity," which will be the topic of a session featuring Microsoft's Diana Kelley and Sian John. They discuss the concept in a joint interview.