A former CIA software engineer who is facing child pornography charges is a possible suspect in the largest-ever leak of classified information from the spy agency. While Joshua A. Schulte has not been charged with the leak, prosecutors have indicated they will soon indict him.
Researchers at the University of Cambridge, via a myPersonality test on Facebook, reportedly used data from 3 million users to power a spin-off company that delivered targeted advertising services. Facebook says the app is one of 200 that it's suspended for suspicious data handling practices.
For over a decade, a crucial part of fraud detection has been assigning an identity to every laptop, tablet, and mobile device that accesses a website or app. Such a fingerprint is a representation of hundreds of different device-specific values taken from an end user's device.
Today's device fingerprinting...
One of the leading mobile-based financial services targeted at millennials approached Simility to help fight fraud. Simility provided an end-to-end solution which included customized models for their specific needs.
Fraudsters were using the company's customer accounts to funnel money via stolen identities. But...
Speech recognition software vendor Nuance Communications says an unauthorized third party accessed one of its medical transcription platforms, exposing records for 45,000 people. The company has blamed the breach on a former employee, who accessed personal data from several of Nuance's clients.
Compliance comes down to behavior. Ask yourself: are your users utilizing protected data sets in an appropriate manner? While most organizations focus on establishing security controls around access, the true test of compliance revolves around visibility into what users do after accessing data.
In the financial...
At its core, compliance for HIPAA is simply about maintaining patient privacy by ensuring your users appropriately access and use patient data. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed.
The challenge, however, is the lack of visibility into what users do with...
Spectre and Meltdown: It's déjà vu all over again as Intel is reportedly prepping a coordinated vulnerability disclosure announcement for eight new speculative execution flaws. One of the new flaws is apparently worse than any of the three Spectre/Meltdown variants that came to light in January.
Equifax says it continues to field queries from U.S. lawmakers about the full extent of its massive 2017 data breach, which occurred after an attacker exploited its unpatched Apache Struts web application. Research finds that many more organizations are using unpatched Struts applications.
Australia's Commonwealth Bank has confirmed that two magnetic tapes containing transaction information for 19.8 million accounts went missing two years ago after mishandling by a subcontractor. A forensic investigation concluded the tapes were likely destroyed, and no fraudulent activity has been detected.
Cambridge Analytica, the data analysis firm that reportedly received data on up to 87 million Facebook users without their consent, shut down on Wednesday. The company had worked on the 2016 campaign of U.S. President Donald Trump. But its backers have launched a new firm, called Emerdata.
Mark Jaffe is less concerned about how adversaries breach networks, but more concerned about how to secure their actual target - critical data. His startup company, Allure Security, intends to help secure that data.
In today's dynamic healthcare environments, new cyber vulnerabilities and risks open as fast as older ones get remedied. As attackers become more sophisticated, and as IT innovation continues to pick up pace, the escalation of cyber risk can easily overwhelm organizations with limited resources.