A hacker claims to have stolen close to 10 million patient records and is selling them for about US$820,000.
Over the weekend, the hacker, called thedarkoverlord, began posting the sale of the records on TheRealDeal, a black market found on the deep Web. (It can be visited through a Tor browser.)
The data includes names, addresses, dates of birth, and Social Security numbers – all of which could be used to commit identity theft or access the patient’s bank accounts.
These records are being sold in four separate batches. The biggest batch includes 9.3 million patient records stolen from a U.S. health insurance provider, and it went up for sale on Monday.To read this article in full or to leave a comment, please click here
The Department of Homeland Security (DHS) wants to be able to predict what form malware will morph to so it can plan how to block it when it becomes reality.DHS has granted Charles River Analytics in Cambridge, Mass., $500,000 to develop the technology, known as Predictive Malware Defense (PMD).Charles River will use machine learning and statistical models to predict attacks based on new malware as well as create defenses ahead of time. The models will look at features of families of malware and predict how they might evolve.Once it’s developed, PMD will be turned over to admins in private and public organizations – particularly financial organizations - so they can anticipate attacks before they happen, DHS says.To read this article in full or to leave a comment, please click here
Google CEO Sundar Pichai has become the latest tech executive to have a social media account hacked, and the group responsible says more targets will follow.On Sunday, a group of hackers calling themselves OurMine briefly took over Pichai’s account on Quora, a question-and-answer site."We are just testing your security,” the hackers wrote, with the same message auto-posted via Quora to Pichai’s Twitter account. On Monday, the posts had been deleted.OurMine is the same group that hacked the social media accounts of Facebook CEO Mark Zuckerberg earlier this month, and they've claimed other victims too, including the CEO of Spotify and a prominent Amazon executive.To read this article in full or to leave a comment, please click here
Healthcare is now the most frequently attacked industry, beating out financial services, retail and other industries, according to a new report by TrapX. As a result, healthcare organizations are having trouble keeping pace with the number and sophistication of attacks they have to deal with.The report, entitled MEDJACK 2, details the sheer scale of attacks that hospitals and other medical establishments suffer on a regular basis. It is a follow-up to a similar report TrapX released last year.+ Also on Network World: Healthcare needs more IT security pros – stat +To read this article in full or to leave a comment, please click here
A new ransomware program making the rounds uses a simple, yet effective technique to make user files inaccessible: locking them in password-protected ZIP archives.The new threat is called Bart and shares some similarities -- in the ransom note in particular -- with Locky, a much more widespread ransomware program. It is distributed through spam emails that masquerade as photos.The emails have ZIP attachments that contain JavaScript files. These files can be run directly on Windows without the need of additional software and are an increasingly common way to distribute malware.To read this article in full or to leave a comment, please click here
Attackers are packaging the newest and most sophisticated attack tools in long out-of-date malware wrappers, targeting medical devices running legacy operating systems, to breach hospital networks for advanced persistent attacks.Last year, TrapX Security revealed how attackers were infecting medical devices with malware, then moving laterally through hospital networks to steal confidential data. They called it MEDJACK for medical device hijack. Attackers have evolved, so today the firm released a MEDJACK 2 report, “Anatomy of an Attack - Medical Device Hijack 2."To read this article in full or to leave a comment, please click here
Security teams handling Identity and access management (IAM) are hampered by dirty data and need management help from a chief data officer, according to a new report by TechVision Research.IAM is typically defined as a “security discipline that enables the right individuals to access the right resources at the right times for the right reasons.” But identity data is riddled with errors, which ultimately raise security and privacy risks, the report says.The problems include multiple versions of employee names and titles in various systems — and even “ghost” employees. “We find a plethora of identity data challenges, including multiple authoritative sources of data, inconsistent data, redundant data, old data and misclassification of data,” the report says.To read this article in full or to leave a comment, please click here(Insider Story)
Ask what department is responsible for data security in an organization and the most likely answer is, “IT.” But some experts are saying it shouldn’t be IT alone – that better security requires a closer collaboration with Human Resources (HR).One example, they say, is a breach this past Feb. 26 at the Federal Deposit Insurance Corporation (FDIC), when a departing employee inadvertently downloaded 44,000 customer records, including personally identifiable information (PII), to a USB thumb drive.To read this article in full or to leave a comment, please click here
After repeated attacks, the U.S. Internal Revenue Service has decided to retire a Web-based tool for obtaining PINs that taxpayers could use to file tax returns electronically.The Electronic Filing (E-file) PINs Web application is no longer available on the IRS website "because of questionable activity," the agency announced last week.In February, the IRS disclosed that hackers used stolen taxpayer information like names, Social Security numbers, dates of birth and full addresses in order to obtain E-file PINs through its website.To read this article in full or to leave a comment, please click here
After repeated attacks, the U.S. Internal Revenue Service has decided to retire a Web-based tool for obtaining PINs that taxpayers could use to file tax returns electronically.
The Electronic Filing (E-file) PINs Web application is no longer available on the IRS website "because of questionable activity," the agency announced last week.
In February, the IRS disclosed that hackers used stolen taxpayer information like names, Social Security numbers, dates of birth and full addresses in order to obtain E-file PINs through its website.To read this article in full or to leave a comment, please click here
New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.eSentire Training DayKey features: The security awareness training solution combines microlearning and gamification to arm your employees against the latest social engineering, spear phishing attacks, and more. More info.To read this article in full or to leave a comment, please click here
Intel is considering selling its security business as the company tries to focus on delivering chips for cloud computing and connected devices, according to a news report.The Intel Security business came largely from the company's acquisition for US$7.7 billion of security software company McAfee. Intel announced plans to bake some of the security technology into its chips to ensure higher security for its customers.With the surge in cyberthreats, providing protection to the variety of Internet-connected devices, such as PCs, mobile devices, medical gear and cars, requires a fundamentally new approach involving software, hardware and services, the company said in February 2011, when announcing the completion of the McAfee acquisition.To read this article in full or to leave a comment, please click here
Intel is considering selling its security business as the company tries to focus on delivering chips for cloud computing and connected devices, according to a news report.The Intel Security business came largely from the company's acquisition for US$7.7 billion of security software company McAfee. Intel announced plans to bake some of the security technology into its chips to ensure higher security for its customers.With the surge in cyberthreats, providing protection to the variety of Internet-connected devices, such as PCs, mobile devices, medical gear and cars, requires a fundamentally new approach involving software, hardware and services, the company said in February 2011, when announcing the completion of the McAfee acquisition.To read this article in full or to leave a comment, please click here
Former Secretary of State Hillary Clinton’s emails, those sent from her private home server – using Clintonemail.com – were being caught in the spam filter, so the State Department turned the filters off.Bob Gourley, former CTO for the Defense Intelligence Agency (DIA) told Fox News, “You're putting not just the Clinton server at risk but the entire Department of State emails at risk. When you turn off your defensive mechanisms and you're connected to the Internet, you're almost laying out the welcome mat for anyone to intrude and attack and steal your secrets.”To read this article in full or to leave a comment, please click here
Even the noise from your PC’s fans could be used to steal the data inside. Researchers in Israel have found a way to do just by hijacking the fans inside and manipulating the sounds they create.The research from Ben-Gurion University of the Negev shows how data could be stolen from “air-gapped” computers, which are not connected to the Internet.These air-gapped computers are isolated and typically contain the most sensitive information. To hack them, attackers typically need to gain physical access and install malware, possibly through a USB stick. To read this article in full or to leave a comment, please click here
The U.S. and the European Union have reportedly reached an agreement on the language of a key data transfer pact, including limits on U.S. surveillance.The revamped EU-U.S. Privacy Shield was sent to EU member states overnight, according to a report from Reuters. Privacy Shield would govern how multinational companies handle the private data of EU residents.Member states are expected to vote on the proposal in July, unnamed sources told Reuters. Representatives of the EU and the U.S. Department of Commerce didn't immediately respond to requests for comments on the reported deal.To read this article in full or to leave a comment, please click here
This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. When it comes to network and endpoint security incidents, there's no shortage of products that can detect suspicious activities and send up alerts. However, what there is a shortage of is skilled incident response experts and time to investigate all the alerts. Security operations (SecOps) professionals need better tools and more efficient processes to become more effective.Demisto Inc. is a new company that launched in May to address these challenges. Demisto says it can help Security Operations Centers (SOCs) scale the capabilities of their human resources, improve incident response times, and capture evidence while working to solve problems collaboratively. The Demisto Enterprise platform is an innovative approach that includes enabling collaboration among analysts and intelligent automation using bots and playbooks.To read this article in full or to leave a comment, please click here
Lenovo has fixed two high-severity vulnerabilities in the Lenovo Solution Center support tool that is preinstalled on many laptop and desktop PCs. The flaws could allow attackers to take over computers and terminate antivirus processes.Lenovo Solution Center (LSC) allows users to check their system's virus and firewall status, update their Lenovo software, perform backups, check battery health, get registration and warranty information and run hardware tests.The two new vulnerabilities, tracked as CVE-2016-5249 and CVE-2016-5248 in the Common Vulnerabilities and Exposures database, were found by security researchers from Trustwave. They affect LSC versions 3.3.002 and earlier.To read this article in full or to leave a comment, please click here
I don’t think anyone would disagree with the statement that IT security has become exponentially more complex over the past five years. It seems every month there’s a new startup that solves a specific security issue but addresses only that one issue.This leads to an increasing number of security vendors causing security solution sprawl. A recent ZK Research survey revealed that large enterprises have an average of 32 security vendors deployed, which is a ridiculously high number. It’s hard enough to build a strategy around two to three vendors, but 32?One startup trying to simplify security is Tempered Networks. I recently spoke with Marc Kaplan, vice president of security architecture for the company, about how Tempered Networks makes network security simpler. Below is our conversation.To read this article in full or to leave a comment, please click here
A U.S. court has ruled that the FBI can hack into a computer without a warrant -- a move which is troubling privacy advocates.
The criminal case involves a child pornography site, Playpen, that had been accessible through Tor, a browser designed for anonymous web surfing.
The FBI, however, managed to take over the site in 2014, and then tracked down and arrested its members by hacking their computers. This allowed law enforcement to secretly collect their IP addresses.To read this article in full or to leave a comment, please click here