Partners HealthCare System is the latest healthcare organizations to suffer a data breach following a phishing attack. But why did Partners wait five months to issue a breach notification, when HIPAA requires notifications within 60 days?
Partners HealthCare System announced that it is the latest healthcare organization hit by a data breach attributed to a phishing attack. The records of an estimated 3,300 individuals may have been compromised in the incident.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
A federal banking regulatory agency has issued a warning about a new phishing campaign that aims to con consumers into disclosing personal and financial details by feigning to be a request from the regulator.
When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.
ITSERT's Rajan Raj Pant discusses the formation of ITSERT-NP to address Nepal's security challenges. How will the public-private partnership model be leveraged to create a central platform for cybersecurity?
The Anunak/Carbanak gang continues to rob financial services firms and retailers, in part with ATM malware. A new report says the cybercrime gang has stolen up to $1 billion from banks in Russia, the U.S. and beyond.
The Anthem breach, which possibly started with a phishing campaign, is a prime example of how hackers are perfecting their schemes to target key employees who have access to valued information, says Dave Jevans of the Anti-Phishing Working Group.
Anthem believes that the breach that has exposed up to 80 million individuals' information possibly began after a handful of employees fell victim to a phishing attack. Other attackers appear to be using the breach as a lure for their own phishing campaigns.
Lawmakers are more serious than ever about cybersecurity legislation. Their intent is to enact, but can they compromise on legislation to share cyberthreat information and nationalize data breach notification?
Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.
Spear phishing is going to be a leading worry for banks in 2015, as hackers increasingly target bank employees to compromise credentials used to access consumer and business accounts as well as critical servers and systems.