The U.S. Department of Health and Human Services has put its Office for Civil Rights in charge of investigating and penalizing organizations that breach the confidentiality of substance abuse disorder records. Some fear the agency doesn't have the bandwidth to enforce both HIPAA and 42 CFR Part 2.
A New York City healthcare system has agreed to pay nearly $5.3 million to settle a proposed class action lawsuit alleging that the hospital's use of online tracking tools in its patient portal and website sent patient information to Facebook for years without patients' knowledge or consent.
Some organizations are hesitant about implementing artificial intelligence tools in their enterprises because of accuracy, security and privacy concerns. That hesitation creates opportunities for professionals who can bridge the gap between technical potential and practical deployment.
Hacksclusive, a cybersecurity startup based in Groningen, Netherlands, launched with a bold vision: to transform traditional pentesting by delivering recurring, transparent testing - far beyond static PDF reports. Since January 2023, the team of 5 pentesters and 4 trainees has onboarded more than 25 clients...
The 2024 SecureIQLab Cloud WAAP CyberRisk Comparative Validation Report assesses 12 leading WAAP solutions on both security efficacy and operational efficiency. Tested against 3,500+ real-world attack scenarios, including OWASP Top 10 and advanced threats, the report gives enterprises clear insights into which vendors...
Protecting applications, APIs, and data is critical for business continuity and customer trust. Modern application security balances strong defense with seamless performance, covering OWASP Top 10 risks, advanced bots, DDoS, and client-side threats through a layered, defense-in-depth approach. This whitepaper talks...
Web Application Firewalls (WAFs) are now central to application protection, evolving into cloud-based solutions that secure apps and APIs across hybrid and multicloud environments. With expanded capabilities in bot management, API defense, and client-side security, WAFs are becoming full platforms that help security...
Two major U.S.-based insurers - Farmers Insurance and Aflac Inc. - have each reported to regulators data breaches involving two recent separate cyberattacks. The breaches follow a spring and summer spree of data exfiltration incidents that hit multiple large players in the insurance sector.
As AI-driven applications grow, so does the attack surface for automated threats, increasing risks to APIs and prompting stricter regulations. In 2025, compliance frameworks will emphasize robust bot mitigation and API security to protect AI models, sensitive data, and critical infrastructure. To get ahead of these...
APIs are the driving force behind rapid innovation and seamless integration across web and mobile platforms. As they become more integral to your business, APIs also become prime targets for sophisticated bot attacks. These attacks exploit business logic vulnerabilities, potentially leading to devastating financial...
Nuance Communications, a Microsoft subsidiary, has agreed to pay $8.5 million to settle class action litigation filed after hackers exploited a zero-day flaw in Progress Software's MOVEit file transfer software in 2023, stealing data belonging to more than a dozen of Nuance's healthcare clients.
Inotiv, a drug research and development firm, told federal regulators that it's been dealing with a cyberattack since Aug. 8 that has encrypted some IT systems and data, and is disrupting certain business operations. Ransomware gang Qilin has listed the company as a victim on its dark website.
U.S. Director of National Intelligence Tulsi Gabbard announced the United Kingdom has apparently reversed course on a demand for Apple to provide the government with a backdoor into its advanced iCloud encrypted protections following growing criticism from U.S. lawmakers and privacy advocates.
Stay ahead in the fight against financial crime with the BSA/AML Compliance Guide. As criminals grow more sophisticated, modernization isn’t optional—it’s essential. This guide breaks down the latest regulatory updates, including FinCEN’s 2024 rulemaking, and shows how to transform compliance into a smarter,...
An investigation into a ransomware breach reported in 2020 as affecting the protected personal information of 170,000 people led to a $175,000 fine against a certified public accounting and consulting firm. Regulators also required the company to implement a corrective action plan in the settlement.