2017 has been a very challenging year for healthcare institutions as these organizations remain under sustained attack by cybercriminals that continue to target their networks. End of year research conducted by Cryptonite indicates that there were a total of 140 data breach events characterized and reported to HHS/OCR as IT/hacking in 2017 representing a 23.89% increase over the 113 IT/hacking events reported in 2016. The number of...
Read More
The US Customs and Border Protection (CBP) agency published last week a new guideline containing updated procedures for searching travelers’ electronic devices at US borders. CBP, an agency part of the US Department of Homeland Security (DHS), last updated the guidelines in August 2009. New procedures reign in border searches According to a 12-page set of rules and a 22-page privacy assessment, border agents can still search electronic...
Read More
Description: Apple has released security updates to address vulnerabilities in multiple products. The following is titled under this update : iOS 11.2.2 Safari 11.0.2 macOS High Sierra 10.13.2 Impact: An attacker could exploit these vulnerabilities to obtain access to sensitive information. Mitigation: Updates are available. Please see the Apple security pages for more information. Reference URL’s: https://support.apple.com/en-us/HT208401 https://support.apple.com/en-us/HT208403 https://support.apple.com/en-us/HT208397
Description: VMware has released security updates to address multiple vulnerabilities for the following products vRealize Operations for Horizon (V4H) vRealize Operations for Published Applications (V4PA) VMware Workstation Pro / Player (Workstation) VMware Fusion Pro / Fusion (Fusion) Horizon View Client for Windows Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Updates are available. Please see the references...
Read More
Apparel retailer Forever 21 says point-of-sale systems in some of its stores were infected by malware for up to seven months, compromising shoppers’ payment card data. On Tuesday, Forever 21 issued an update on its investigation into the “payment card security incident” that it first announced in November. The retailer now says that an investigation conducted by a third-party incident response firm that it hired...
Read More
Despite awareness of the need for cybersecurity, many consumers are not taking proactive steps to keep their personal information protected from identity theft. With the increased volume of attacks and breaches, 61% of consumers surveyed claimed that they are more worried about cybersecurity today than they were five years ago. Recent McAfee research reveals that 33% of consumers rank protecting their identity as their number one...
Read More
Windows users whose PCs run on Intel processors can apparently expect their computers to slow down after next Tuesday. In fact, all computers using modern Intel chips – whether they run Windows, Linux or macOS – are expected to suffer a performance hit in the coming days. The reason for this unwelcome change is a fundamental design flaw discovered in Intel’s processor chips, more specifically...
Read More
In the cyber security world, record setting has an entirely different connotation It’s one thing to talk in generalities about how massive the data breach problem is, but it’s another thing to understand the actual statistics. The numbers tell a powerful story about how pervasive cyber attacks have become These 2017 statistics, along with predictions for the coming years, provide eye-opening insight into how cyber...
Read More
Two security researchers —Vangelis Stykas and Michael Gruhn— have published a report on a series of vulnerabilities that they named “Trackmageddon” that affect several GPS and location tracking services. These GPS tracking services are basic databases that collect geolocation data from smart GPS-enabled devices, such as pets trackers, car trackers, kids trackers, and other “[insert_name] tracker” products. Data is collected on a per-device basis and...
Read More
The Italia cyber security expert Marco Ramilli, founder of Yoroi, published an interesting analysis of a quite new InfoStealer Malware delivered by eMail to many International Companies. Attack attribution is always a very hard work. False Flags, Code Reuse and Spaghetti Code makes impossible to assert “This attack belongs to X”. Indeed nowadays makes more sense talking about Attribution Probability rather then Attribution by itself. “This attack belongs to X...
Read More
