Homepage

This week’s breach roundup includes multiple data thefts and is led by the continued impact of an Eye Care Leaders ransomware attack, which includes Regional Eye about 194,000 patients.

When cybersecurity experts discuss “whaling,” they are looking at how cybercriminals target high-level executives with an eye to stealing the most privileged information and getting access to the most sensitive data.

HSCC medical device contracting guidance outlines what’s needed to ensure strong security policies between providers and manufacturers: sometimes that means paying more upfront for better measures.

The influential Ransomware Task Force saw its inaugural report, released 13 months ago, become the backbone of global debates on ransomware. But its new report, titled "One Year On" acknowledges one of the harsh truths of gauging progress: Data on ransomware remains unreliable, which some in the infosec community say diminishes the urgency required to rally appropriate response.

Instances of Log4j have drastically reduced among entities with advanced security tools like automation. But in healthcare the vulnerability has only highlighted continued resource gaps.

The Department of Justice is significantly revising how it interprets the nation’s premier hacking law, saying it will no longer bring cases against “good faith” security researchers or individuals who violate trivial or non-material parts of a company’s policies or terms of service.

Approov plans to expand its staff fivefold in the next few years as it focuses on using the cloud to protect API secrets for customers.

The popular, headless CMS Strapi patched two vulnerabilities that allowed users with lower levels of privilege to see data only higher privileged users were cleared to see — including information allowing account takeover.