ENISA: Software vulnerability prevention initiatives
The European Network and Information Security Agency, ENISA, has compiled a list of existing initiatives focused on finding and preventing software vulnerabilities.
A notice of proposed rulemaking from the HHS Office for Civil Rights that would modify the HIPAA Privacy Rule standard for accounting of disclosures of protected health information and add new requirements for access reports.
The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance’s risk management framework and update the Agencies’ expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment.
The Department of Health and Human Services’ Office for Civil Rights provided a report to Congress on health information breaches from September 2009 through 2010, as required under the HITECH Act. Nearly 7.9 million Americans were affected by almost 30,800 health information breaches, according to the report.
Researchers Trace 61% of Known Losses This Year to Pyongyang-Backed Hackers
Hackers tied to North Korea’s cash-strapped totalitarian dictatorship this year stole a record amount of cryptocurrency, totaling $1.34 billion across 47 incidents, or about double their known haul for 2023, reported blockchain analytics firm Chainalysis.
Infrastructure Problems Blamed; Users Appear to Move to Similar FlowerStorm Service
As the end of the year approaches, it’s out with the old and in with the new as researchers report that Rockstar 2FA, which once facilitated prolific phishing-as-a-service hits, has crashed and burned, apparently leading many one-time users to move to rival FlowerStorm.
AI Can Fake Alignment to New Instructions to Avoid Retraining
Advanced artificial intelligence models can feign alignment with new training goals while secretly adhering to their original principles, a study shows. Alignment faking isn’t likely to cause immediate danger but may pose a challenge as AI systems grow more capable.
Major Chinese Router Manufacturer Facing Increased Scrutiny After Chinese Espionage
U.S. authorities have launched multiple investigations while reportedly considering banning the widely popular Chinese-manufactured TP-Link routers amid ongoing security risks linked to Chinese cyberespionage and hacking campaigns targeting American critical infrastructure sectors.
Their substitute notice, as published on Effingham Radio: Springfield, IL-(Effingham Radio)- Pursuant to the requirements of the Illinois Personal Information Protection Act (PIPA), 815 ILCS 530/12, the Illinois Department of Human Services (IDHS) is notifying the media of an incident within IDHS State of Illinois email accounts: On April 25, 2024, IDHS experienced a privacy breach….
Sarah Volpenhein reports: Nearly 5.6 million people were affected in the ransomware attack that hit Ascension in May, the national health system now says. Until now, the health system had not publicly disclosed the total number of people affected by the May ransomware attack that compromised patient data and ultimately caused major disruptions to patient…