HHS Office for Civil Rights Settles HIPAA Phishing Cybersecurity Investigation with Solara Medical Supplies, LLC for $3,000,000

In 2019, DataBreaches reported that Solara Medical Supplies in California was notifying more than 110,000 patients after an attacker gained access to some employees’ email accounts via phishing. Solara was subsequently sued and settled claims for $9.76 million. Now today, HHS OCR announced a settlement with Solara: Today the U.S. Department of Health and Human…

Biden Signs Executive Order Aimed at Growing AI Infrastructure in the US

The executive order comes on the heels of the Biden administration’s proposed restrictions on exports of AI chips, an attempt to balance national security concerns about the technology with economic interests of producers and other countries. The post Biden Signs Executive Order Aimed at Growing AI Infrastructure in the US appeared first on SecurityWeek.

WEF Report Reveals Growing Cyber Resilience Divide Between Public and Private Sectors

WEF’s Global Cybersecurity Outlook 2025 report highlights key challenges like the skills gap, third-party risks, and resilience disparities between businesses and private sectors. The post WEF Report Reveals Growing Cyber Resilience Divide Between Public and Private Sectors appeared first on SecurityWeek.

Google OAuth Vulnerability Exposes Millions via Failed Startup Domains

New research has pulled back the curtain on a “deficiency” in Google’s “Sign in with Google” authentication flow that exploits a quirk in domain ownership to gain access to sensitive data. “Google’s OAuth login doesn’t protect against someone purchasing a failed startup’s domain and using it to re-create email accounts for former employees,” Truffle Security…