The Office of Civil Rights (OCR), an agency of the U.S. Department of Health and Human Services, has been ineffective at preventing health information breaches due to narrow audits, says a report from the Office of Inspector General (OIG). From 2016 to 2020, OCR reviews only covered eight of 180 HIPAA rules requirements. OIG recommends expanding its scope to comply with the HITECH Act of 2009, documenting deficiencies in a timely manner, and assessing compliance with HIPAA. OCR agreed with the first and last recommendation.
Researchers discover first UEFI bootkit malware for Linux
Named “Bootkitty”, the first UEFI bootkit targeting Linux systems has been detected by ESET researchers. Operating before the system’s boot process begins enables Bootkitty to
