A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.
An effective third-party risk management program starts with asking the right questions, says Brad Keller, chief strategy officer and senior vice president at the Santa Fe Group, a strategic advisory company, who spells out key issues to address.
Cloudflare was unsparing in its criticism of Verizon over a BGP snafu that hampered 15 percent of its global traffic, as well as traffic of Amazon and Google. Verizon's error underscores that much heavy lifting remains to make critical internet infrastructure secure.
Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.
License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked. While Customs and Border Protection officials claim the image data hasn't been seen online, security experts say it's already available for download via a darknet site.
Infosecurity Europe returns to London June 4-6, featuring more than 230 sessions over three days covering a range of topics, including application security, automation, data protection, risk management, incident response and threat analysis. Here's a preview of 11 hot sessions.
On the sixth stop of a multi-city tour, ISMG and Sonatype visited San Francisco for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses the relevance and value of this application security conversation.
With cyberattacks, online espionage and data breaches happening at a seemingly nonstop pace, Western intelligence agencies are bringing many of their capabilities out of the shadows to help businesses and individuals better safeguard themselves and respond. We need all the help we can get.
A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.
Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current in an interview at the HIMSS19 conference.
Healthcare organizations should steer clear of connecting internet of things devices to their networks unless they serve a precise medical purpose, says attorney Julia Hesse, a featured speaker at the HIMSS19 Conference.
Efforts to exploit U.S. election security continue, and China, Russia, Iran and North Korea's "cyber espionage, attack and influence capabilities" pose an increasing threat, Director of National Intelligence Dan Coats told the Senate Intelligence Committee.
Information about more than 14,000 HIV patients included in a Singapore health registry was exposed online in what appears to be an inside job. The incident illustrates the importance of safeguarding sensitive health data, such as by implementing behavioral analytics.
Special Counsel Robert Mueller's investigation into Russian interference in the 2016 U.S. presidential elections has led to 199 criminal charges, 37 indictments or guilty pleas and four prison sentences so far. But some key questions remain unanswered.