The Finnish security provider F-Secure concludes the attack e-mail doesn't look too complicated. In fact, it's very simple. But the exploit inside Excel was a zero-day attack at the time and RSA couldn't have protected against it by patching its systems.
The FDIC says the number of banks on its "Problem List" dropped during the second quarter of 2011, the first quarter-to-quarter decrease since 2006. But the failure respite could be short-lived, if the economy falls back in to recession.
The bright spot is that 36 percent of the takeover incidents reported in 2010 were stopped before fraudulent funds transfers were approved. That's an improvement from 2009, when only 20 percent were thwarted.
The American National Standards Institute has begun accepting applications from organizations that want to be accredited to certify electronic health records software for the HITECH Act EHR incentive program.
Fraud is a global concern, and an area regulators and financial institutions the world-over are watching closely, says Bill Isaac. Whether a cyberthreat or mortgage fraud, investments in fraud prevention will continue, despite the state of the international economy.
Preliminary results of our inaugural Healthcare Information Security Today survey, which is still open for participation, show that only about half of healthcare organizations have a plan in place to comply with the HITECH Act breach notification rule.
A federal proposal that would require healthcare organizations to provide patients with a report listing everyone who has electronically accessed their records needs revamping, two regulatory experts agree.
A new, free guide on Facebook security, though geared for users, details the practices chief information security officers and other organizational security practitioners should share with their staffs to assure not only safe Internet hygiene when workers access Facebook from work, but for use with other social media...
Various committees in both houses claim jurisdiction over different aspects of IT security, and intra-house squabbling can cause a bill to get lost on its way to becoming law, says Purdue University's Eugene Spafford, who closely follows the progress of cybersecurity legislation.
Ocean Bank failed to implement an effective BSA/AML Compliance Program, with internal controls "reasonably designed to detect and report money laundering and other suspicious activity in a timely manner," regulators say.
As of Aug. 22, 306 major health information breaches affecting a total of almost 11.7 million individuals were included in the official federal tally. Fourteen incidents affecting a total of about 270,000 were added since July 22.
The PCI Security Standards Council's new guidance for tokenization offers clarification and recommendations for merchants struggling to determine which tokenization solution is best, especially where compliance with the Payment Card Industry Data Security Standard is concerned.