Security News > 2020

A former acting inspector general of U.S. Department of Homeland Security and another government official have been indicted for allegedly stealing DHS proprietary software and databases and then attempting to resell the technology back to the government, according to the Justice Department. In their indictment, federal prosecutors allege that between October 2014 and April 2017, Edwards, Venkata and other unnamed co-conspirators began attempting to steal proprietary software used by the DHS Office of Inspector General as well as a database that contained the personally identifiable information of DHS and U.S. Postal Service employees.

Seattle, WA-based network security firm WatchGuard Technologies announced that it has agreed to acquire Spain-based endpoint security firm Panda Security. Panda provides a range of user-centric security products and services for protecting people, devices, and the networks they connect to from malicious websites, malware, spam, and other targeted attacks.

The Department of Health and Human Services on Monday released its long-awaited interoperability and information blocking final rules as called for under the 21st Century Cures Act. The aim is to enable patients to access their data through any third-party application they choose and also integrate a health plan's information to a patient's electronic health record, the officials said.

A former CIA software engineer accused of stealing a massive trove of the agency's hacking tools and handing it over to WikiLeaks was convicted of only minor charges Monday, after a jury deadlocked on the more serious espionage charges against him. Joshua Schulte, who worked as a coder at the agency's headquarters in Langley, Virginia, was convicted by a jury of contempt of court and making false statements after a four-week trial in Manhattan federal court that offered an unusual window into the CIA's digital sleuthing and the team that designs computer code to spy on foreign adversaries.

Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. After Microsoft patched the flaw in February researchers with the Zero Day Initiative, which first reported the vulnerability, published further details of the flaw and how it could be exploited.

Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. After Microsoft patched the flaw in February researchers with the Zero Day Initiative, which first reported the vulnerability, published further details of the flaw and how it could be exploited.

The extraordinary trial of a former CIA sysadmin accusing of leaking top-secret hacking tools to WikiLeaks has ended in a mistrial. Some of those motions will ask for information from the prosecution that was kept from her during the trial, most controversially the case of "Michael," a co-worker of Schulte who was put on administrative leave by the CIA when evidence emerged linking him to the theft of the Vault 7 hacking tools.

UK telephone, TV and internet provider Virgin Media has suffered a data breach. Data breaches from partner companies could happen for exactly the reason given above - poor cloud management practices - or for a variety of other reasons that the company responsible for the data can't control directly.

The process of constructing a holistic policy-based identity management solution can be difficult and overly complex, especially in the sensitive hospital environment with myriad identities. An integrated identity ecosystem provides a unified view across both cyber and physical security system; improving the overall hospital experience.

Newly introduced legislation seeks to protect journalist who publish classified information, as well as security researchers who discover classified government backdoors. The modification to the Espionage Act of 1917 would better protect journalists that have been increasingly targeted for disclosing government secrets.