Java users are being warned to only use newly released installers to avoid a nasty potential exploit. Meanwhile, a veteran bug hunter questions whether Oracle's move to ditch Java browser plug-ins will have a significant security upside.
The new EU-U.S. data transfer agreement will be called "Privacy Shield." Beyond that, however, the actual details of the agreement - and whether it will pass muster with the EU's privacy commissioners or high court - appear to be a work in progress.
The Obama administration's initiative to move much of the U.S. federal government's security clearance responsibilities to the Defense Department from the Office of Personnel Management is receiving mixed reviews from security experts and lawmakers.
Why is devising a reliable patient identifier such a critical issue? Because matching a patient to the wrong records creates serious safety risks as well as privacy problems, says CIO Marc Probst, who explains in an interview how he's tackling the issue at Intermountain Healthcare.
It's time to start to think about the cybersecurity agenda for the 45th president of the United States, who takes office a year from this week. What's on your list of cybersecurity challenges the next president must tackle?
Here's why the acquisition of rival threat-intelligence firm iSight Partners by breach investigation heavyweight FireEye makes sense, and why market watchers predict that other stand-alone intelligence firms will soon get snapped up.
Reliable data specifying the number of people employed in the United States in cybersecurity field is hard to find. But one government survey shows a 5 percent increase among information security analysts in 2015.
HealthcareInfoSecurity announces its fourth annual list of top influencers, recognizing leaders who are playing significant roles in shaping the way healthcare organizations approach information security and privacy.
The New York Attorney General's settlement with taxi-hailing platform Uber - over alleged customer data privacy violations and a delayed data breach notification - provides a best practice security template for any organization that handles customer data.
In the wake of Juniper Networks finding "unauthorized code" in its firewall firmware that could be used to remotely access devices and encrypted communications, Cisco is reviewing its own code for signs of tampering. Will other vendors follow suit?
In the largest monetary award obtained by the FTC in an enforcement action, LifeLock has agreed to pay $100 million to settle a case that, in part, stemmed from the identity protection company failing to establish and maintain an information security program to protect customers' personally identifiable information.
As it continues to ramp up its cybersecurity enforcement efforts, the FTC could take action next year against consumer wearable device makers if they fail to live up to their promises to protect the privacy of health data and other information, says researcher Stephen Cobb, who also expects scrutiny from the FDA.
After years of failing to enact cyberthreat information-sharing legislation, Congress is poised to vote on a measure this week that would incentivize businesses to share voluntarily threat data with the federal government and with each other.
A former U.S. State Department employee has pleaded guilty to running a "sextortion" scheme from the U.S. Embassy in London that was designed to compel young women to share sexually explicit photographs, according to the FBI.