#InformationSecurity News - 1/27/15

  • Reporting HIPAA Breaches: A New Approach - The Department of Health and Human Services is taking steps to make the process of using online tools to report breaches more efficient, hoping that will help ease the launching of investigations. More at Healthcare Info Security
  • Sixty percent of organizations have increased their security spending by one-third -- but many security managers still don't think that's enough, Ponemon study finds. Details via InformationWeek DarkReading.  
  • The details of three high-severity vulnerabilities affecting Apple’s OS X operating system have been disclosed over the past two days by Google. The security holes were made public this week after the 90-day disclosure deadline given by Project Zero to vendors expired. Learn more at Security Week
  • As a result of President Obama's "Buy Secure" initiative, the federal government this month is kicking off its EMV rollout, which includes the issuance of chip-and-PIN cards for all federal employees and benefits programs. Read the story at Bank Info Security
  • According to the latest research by Trend Micro, a variant of Curve-Tor-Bitcoin (CTB) Locker ransomware – also known as Critroni – being distributed in a spam campaign now offers victims additional time to pay the ransom, but also requires them to pay a whole lot more than previously. Details via SC Magazine