Ransomware hackers are stretching the concept of code reuse to the limit as they confront the specter of diminishing returns for extortionate malware. In their haste to make money, some new players are picking over the discarded remnants of previous ransomware groups.
A former employee of an Arizona hospital has been sentenced to federal prison and ordered to pay restitution to victims after pleading guilty to criminal HIPAA violations and his participation in an identity theft scam that compromised the data of nearly 500 patients.
The Biden administration stepped up regulatory enforcement against cryptocurrency trading platforms in consecutive lawsuits targeting Binance and Coinbase for alleged violations of securities laws. "We already have digital currency. It's called the U.S. dollar," said U.S. SEC Chairman Gary Gensler.
At the EU cybersecurity agency ENISA's recent conference on the cybersecurity upsides and downsides of AI chatbots, presenters urged "preparedness," recommending that cybersecurity professionals track the "warp speed" evolution of chatbots to target emerging risks as well as opportunities.
In this post of his blog "A CISO's View," security director Ian Keller discusses the importance of having mechanisms in place to report potential personal compromise or potential compromise of another person in your company and provides simple steps for making security everyone's responsibility.
Manual API discovery is impossible due to the sheer number of APIs available, their constant changes, poor documentation, different formats and protocols, and different authentication and security requirements. Given these challenges, the solution is to use automated API discovery tools.
The Federal Trade Commission has filed an amended complaint against Kochava, as allowed by a federal judge who last month dismissed the agency's first shot at a lawsuit seeking to permanently stop the data analytics firm from selling geolocation data collected from mobile devices.
Federal regulators have once again smacked a healthcare provider with a HIPAA settlement involving patient protected health information that was disclosed in response to a negative online review. Manasa Health Center will pay $30,000 and implement a corrective action plan, HHS said.
The Iowa Department of Health and Human Services has reported to federal regulators its third major health data breach involving a vendor since April. This time, Iowa HHS/Medicaid says the data of nearly 234,000 individuals was compromised in a mega hack recently reported by MCNA Insurance Co.
Technology and software-as-a-service, or SaaS, companies ship code at scale. Beyond Identity offers ways for them to solve the problems of phishable authentication factors, bring-your-own devices or BYOD, device security posture, zero trust risk policy enforcement, and user identity.
Microsoft is warning investors it may receive a fine from European privacy regulators adding up to at least hundreds of millions of dollars over targeted advertising on its LinkedIn social network. European authorities have shown increased willingness to use the GDPR to limit targeted advertising.
A federal judge declared a mistrial in the criminal HIPAA conspiracy case against a married couple, both doctors, after the jury deadlocked on whether the two had been entrapped by the U.S. government into providing patient records to a supposed Russian operative. Prosecutors will seek a retrial.
A flurry of legal complaints and a lawsuit have been filed against the city of Oakland, California, after it fell victim to a ransomware attack. The Play group claimed credit for the attack and posted some of stolen information, which includes personal details, ID numbers and health information.
This week: Amazon settled privacy and cybersecurity investigations with the U.S. FTC, SAS received a $3 million extortion demand and apparently Ukrainian hacktivists penetrated Russia's Skolkovo Foundation. Plus, breaches at Onix Group and Toyota and a warning about Salesforce "ghost sites."
Understanding how your digital health vendors approach cybersecurity, assess and respond to risk, and plan for incident response is critical to protecting your organization. Here is a set of steps to determine if your vendor is serious about their role in protecting patients.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.