Google's Plan to Crunch Health Data on Millions of Patients Draws Fire
Tech behemoth Google is using artificial intelligence to reportedly slice and dice personal healthcare details on millions of Americans. That has some researchers diagnosing the company with HIPAA violations and prescribing regulatory controls as a remedy. And, at least one federal regulator is...
IoT Security Woes Plague Healthcare Industry
LAS VEGAS – More hospitals are adopting internet of things (IoT) devices, from wearables to smart insulin pens. But neither hospitals nor the device manufacturers themselves are ready to address the onslaught of security and privacy challenges that come with medical connected devices. At least 82...
Federal Court: Suspicionless Search of Traveler Devices by Border Agents Is Unconstitutional
In a win for the privacy of international travelers, a federal court in Boston has ruled that searches of traveler electronic devices by border agents without suspicion are unconstitutional. The ruling from the U.S. District Court, District of Massachusetts came in a 2017 case, Alasaad v. Nielsen...
Insider Threats, a Cybercriminal Favorite, Not Easy to Mitigate
LAS VEGAS – Insider threats are an ongoing top danger for companies — but when it comes to mitigation efforts, incident-response teams face an array of challenges. Discussions with various incident-response teams revealed that between 25 and 30 percent of data breaches involved an external actor...
Microsoft Patches RCE Bug Actively Under Attack
A critical bug in a Microsoft scripting engine, under active attack, has been patched as part of Microsoft’s Patch Tuesday security roundup. The vulnerability exists in Internet Explorer and allows an attacker to execute rogue code if a victim is coaxed into visiting a malicious web page, or, if...
Plugging the Data Leak in Manufacturing
More often than not, when the internet of things (IoT) is brought up these days, it conjures images of Alexa, Siri and Cortana. These personal assistants can help users turn on a smart light bulb, flick on the oven and get you the day’s news, all in one fell swoop. However, IoT has evolved far...
Intel Warns of Critical Info-Disclosure Bug in Security Engine
A critical security bug in the Intel Converged Security and Manageability Engine (CSME) could allow escalation of privilege, denial of service or information disclosure. The details are included in a bug advisory that in total covers 77 vulnerabilities, 67 of which were found by internal Intel staf...
Magento Warns E-Commerce Sites to Upgrade ASAP to Prevent Attacks
The popular e-commerce platform Magento is urging web administrators to install its latest security update in order to defend against malicious attacks in the wild that could exploit a critical remote code-execution vulnerability. While the company didn’t specify what kinds of potential attacks...
Adobe Patches Critical Bugs in Illustrator, Media Encoder
Adobe Systems is warning Illustrator 2019 users that two critical memory-corruption vulnerabilities could allow for an attacker to remotely connect to a Windows machine, execute code and gain control of the targeted system. The creative-suite behemoth also warned Tuesday, as part of its regular...
Microsoft to Apply California’s Privacy Law to All U.S. Users
Microsoft is extending a California law aimed at protecting users’ privacy to all of its users in the United States, an unexpected move supporting tougher requirements to disclose exactly how the company uses the consumer data it collects. The California Consumer Privacy Act, known as CCPA, is...
DDoS Attacks Target Amazon, SoftLayer and Telecom Infrastructure
The last 30 days have seen a renewed increase in distributed denial-of-service (DDoS) activity, according to researchers, who said that they have observed a number of criminal campaigns mounting TCP reflection DDoS attacks against corporations. Researchers at Radware said that the list of victims...
ThreatList: Data Breaches Batter Stock Prices at Public Companies, For Months
Much has been made of the fallout that companies face after a data breach. But for public companies, shaken investor confidence adds a whole new dimension to recovery concerns. A recent study from Comparitech shows that share prices for large breached companies will hit a low point approximately ...
Ransomware Attack Downs Hosting Service SmarterASP.NET
SmarterASP.NET, a popular web hosting provider with more than 440,480 customers, has been hit with a ransomware attack that took down its customers’ websites that were hosted by the company. The company on Monday said it is in the process of recovering impacted data. SmarterASP.NET offers shared...
Encrypted Emails on macOS Found Stored in Unprotected Way
A database on Apple’s macOS computers is storing emails that are supposed to be protected with encryption as readable files, a problem of which the company has been aware for months and still has yet to solve, according to a researcher. Apple IT specialist Bob Gendler discovered the problem while...
Platinum APT Shines Up New Titanium Backdoor
APT threat group Platinum has a shiny new plaything: A custom trojan backdoor dubbed Titanium. The backdoor’s name, aside from keeping with the silvery metal theme, comes from the password to one of the self-executable archives found in the code. According to Kaspersky researchers who analyzed the...
Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone
Big businesses are constantly under attack, and that affects everyone from customers and business partners to parties with national security interests. When successful, the initial compromise is only a means to an end — the real goal is to mount follow-on attacks like spearphishing, extortion...
Art Imitates Life: Lessons from the Final Season of Mr. Robot
Fair warning: if you aren’t caught up, there are spoilers for the first episode of the final season of Mr. Robot below. It’s an alien sensation to be watching the fourth and final season of Mr. Robot as a civilian: having worked as a technical consultant for the first three seasons of the show,...
Pwn2Own Tokyo Roundup: Amazon Echo, Routers and Smart TVs Fall to Hackers
Another Pwn2Own has drawn to a close, with Team Fluoroacetate researchers Amat Cama and Richard Zhu taking home the Master of Pwn title for the third year in a row. Overall, contestants in the Tokyo 2019 event earned more than $315,000 over the two-day hacking contest, for uncovering 18 different...
News Wrap: Voice Assistant Laser Hack, Twitter Insider Threats, Data Breach Fine Fails
Threatpost editors break down the top news stories for the week ended Nov. 8. The hot stories of the week include: Despite trillions of dollars in data-breach fine payouts, each year the number of compromised companies and individuals with private data exposed rises – a Threatpost feature looks at...
Amazon Fixes Ring Video Doorbell Flaw That Leaked Wi-Fi Credentials
UPDATE Amazon has patched a vulnerability in its Ring smart doorbell device that could allow attackers to access the owner’s Wi-Fi network credentials and potentially reconfigure the device to launch an attack on the home network, researchers have found. Researchers discovered the problem in...
Ex-Twitter Employees Spied on Saudi Dissidents: DoJ
The Department of Justice (DoJ) has charged two former Twitter employees with working with the government of Saudi Arabia to snoop on political dissidents’ accounts. The 27-page complaint alleges that two former Twitter employees, Ali Alzabarah, 35, and Ahmad Abouammo, 41, accessed Twitter account da...
Amazon Kindle, Embedded Devices Open to Code-Execution
Multiple vulnerabilities have been found in Das U-Boot, a universal bootloader commonly used in embedded devices like Amazon Kindles, ARM Chromebooks and networking hardware. The bugs could allow attackers to gain full control of an impacted device’s CPU and modify anything they choose. Researche...
Gamers Hit with Nvidia GPU Driver, GeForce Flaws
Nvidia has issued fixes for high-severity flaws in two popular gaming products, including its graphics driver for Windows and GeForce Experience. The flaws can be exploited to launch an array of malicious attacks – from denial-of-service efforts (DoS) to escalation of privileges. The majority of th...
How to Secure Critical Infrastructure When Patching Isn't Possible
Cyberattacks are on the rise and threatening our digital life and our most intimate information — but also our operational realities. Attacks on critical infrastructure such as power plants, water works, airports and the like transportation ranks among the highest-value targets for cyberattackers...
Data Breach Fines: Are They Working to Boost Consumer Safety?
Breach statistics are downright discouraging: Over the past five years the number of businesses breached has skyrocketed. The human consequences are also bad, with billions of private email addresses, bankcard numbers and other deeply personal data points exposed online and now in the hands of...
Google Enlists Help to Fight Bad Android Apps
After years of unsuccessfully battling malware and bad apps in the Google Play store and on more than 2.5 billion Android devices, Google is finally doing something about it. The tech giant this week unveiled an alliance with three companies with specific expertise in endpoint security to help...
Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security
The headlines over the past few years have been consistent – enterprises are pouring more and more money into cybersecurity countermeasures. Indications are that 2020 will be no different, with reports that nearly three quarters of CISOs plan to ask their CFOs for increased cybersecurity investme...
You've Been Served…with Subpoena-Themed Phishing Emails
A phishing campaign claiming to deliver emailed subpoenas is targeting insurance and retail companies. According to researchers, the phishing emails are spoofing the UK Ministry of Justice, aiming to capitalize on scare tactics to convince targets to click on an embedded link to “learn more about...
Rogue Trend Micro Employee Sold Customer Data for 68K Accounts
Trend Micro said that a rogue employee sold the data of 68,000 customers to a malicious third party, who then used that data to target customers with scam calls. The employee, who gained unauthorized access to a customer-support database, has since been terminated. Trend Micro said that the...
Facebook Privacy Breach: 100 Developers Improperly Accessed Data
UPDATE Facebook said that 100 third-party app developers have improperly accessed the names and profile pictures of members in various Facebook groups – data that was restricted in 2018 by the platform after its Cambridge Analytica privacy snafu. Facebook said that the developers – including 11 i...
DarkUniverse APT Emerges to Deliver Sophisticated, Targeted Spy Attacks
A sophisticated espionage APT that was active for at least eight years before receding into the shadows has been uncovered — and researchers said that it may still be active. In April 2017, ShadowBrokers published one of their many leaks of cyberweapons used by the National Security Agency (NSA) an...
Emotet Resurgence Continues With New Tactics, Techniques and Procedures
The notorious banking trojan Emotet, which mysteriously disappeared over the summer, returned last month dropping a new collection of malware including information stealers, email harvesters, self-propagation mechanisms and ransomware. But since the malware returned from its hiatus, there was no...
Google Analytics Emerges as a Phishing Tool
Cybercriminals are leveraging key technical markers used in web analytics—particularly Google Analytics—to create more sophisticated and targeted phishing attacks, new research has found. However, this also makes them more susceptible to detection by organizations defending their sites against...
Presentation Template: Build Your 2020 Security Plan
As the end of the year approaches, security decision makers are creating their 2020 plans and running them by management for approval. In most cases, this means requesting and making the case for the necessary resources that need to be allocated, while still providing value to the organization. T...
Trump, Putin and Politics Name-Dropped to Peddle Malware
With the U.S. presidential elections looming, bad actors are tapping into the political craze with several malware distribution campaigns, using high-profile political names to tap into victims’ emotions and convince them to click on malicious links. Researchers have uncovered hundreds of...
Eye Clinic Breach Reveals Data of 20,000 Patients
A Utah eye clinic is in the process of informing 20,000 patients that they were the victims of a data breach that happened a year and a half ago and linked patients to a scam involving PayPal. The breach at the Utah Valley Eye Center in Provo, Utah, that exposed patient emails once again highligh...
Magecart Groups Attack Simultaneous Sites in Card-Theft Frenzy
In an interesting development on the financial cybercrime scene, different Magecart groups have been spotted stepping over each other and attacking the same sites. Magecart is an umbrella term encompassing several different threat groups who all use the same modus operandi: They compromise...
Alexa, Siri, Google Smart Speakers Hacked Via Laser Beam
Researchers have discovered a new way to hack Alexa and Siri smart speakers merely by using a laser light beam. No physical access of the victims’ device, or owner interaction, is needed to launch the hack, which allows attackers to send voice assistants inaudible commands such as unlocking doors...
Wizard Spider Upgrades Ryuk Ransomware to Reach Deep into LANs
The Ryuk ransomware has added two features to enhance its effectiveness: The ability to target systems that are in “standby” or sleep mode; and the use of Address Resolution Protocol (ARP) pinging to find drives on a company’s LAN. Both are employed after the initial network compromise of a victim...
Critical Remote Code Execution Flaw Found in Open Source rConfig Utility
Two bugs in the network configuration utility rConfig have been identified, both allowing remote code execution on affected systems. Worse, one is rated critical and allows for a user to attack a system remotely – sans authentication. RConfig is a free open-source configuration management utility...
BEC Scam Costs Media Giant Nikkei $29 Million
Media conglomerate Nikkei Inc. has fallen victim to a business email compromise (BEC) scam that fleeced the company out of $29 million. Nikkei is Japan’s largest financial media organization and lends its name to Japan’s premier stock index, which is the equivalent of the Dow Jones Industrial Avera...
BlueKeep Attacks Have Arrived, Are Initially Underwhelming
The wave of BlueKeep attacks that security experts predicted could take down systems globally has arrived, but it is not showing the form or the destructive impact experts initially feared. Security researchers have seen evidence of the first wave of attacks on the zero-day Windows Remote...
Office for Mac Users Warned of Malicious SYLK Files
Microsoft Office for Mac users are being warned that malicious SYLK files are sneaking past endpoint defenses even when the “disable all macros without notification” is turned on. This leaves systems vulnerable to remote, unauthenticated attackers who can execute arbitrary code. The warning com...
Solar, Wind Power Utility Disrupted in Rare Cyberattack
A cyberattack on the U.S. energy grid has just come to light, so to speak, which disrupted plant visibility at Utah-based sPower back in March. sPower, a Utah-based wind and solar provider, began experiencing a series of lost connections between its main control center and remote power-generation...
News Wrap: Office 365 Voicemail Phish and Bed Bath and Beyond Breach
Threatpost editors Tara Seals and Lindsey O’Donnell break down the top security news of this week, from data breaches to advanced persistent threat (APT) activity. Top stories include: A Microsoft alert that APT group Fancy Bear has targeted anti-doping authorities and sporting organizations around...
Global Crime Ring Bilks U.S. Military Members, Vets Out of Millions
Operators of a widespread identity-theft and fraud scheme have bilked thousands of U.S. servicemembers and veterans out of millions of dollars in stolen funds and Veterans Affairs (VA) benefits payments. Fredrick Brown pled guilty this week, revealing that in his role as a civilian medical records...
Stubborn Malware Targets QNAP NAS Hardware Specifically
UPDATE Top-selling network attached storage devices (NAS) made by QNAP Systems are being singled out by attackers, who have crafted malware specifically designed for the vendor’s hardware. Researchers at Finland’s National Cyber Security Centre (NCSC-FI) reported the targeted attacks late last...
Google Discloses Chrome Flaw Exploited in the Wild
UPDATE Google is warning users of a high-severity vulnerability in its Chrome browser that is currently being exploited by attackers to hijack computers. The flaw (CVE-2019-13720), discovered by security researchers Anton Ivanov and Alexey Kulaev at Kaspersky, exists in Google Chrome’s audio...
Android Keyboard App Could Swindle 40M Users Out of Millions
Researchers are warning users to delete a popular Android keyboard app that, once downloaded, makes unauthorized purchases of premium digital content. Google told Threatpost it has removed the app from its Google Play marketplace – but researchers say it was downloaded on at least 40 million phon...
Calypso APT Emerges from the Shadows to Target Governments
A newly discovered APT group, dubbed Calypso after a custom malware (RAT) that it uses, has been targeting state institutions in six different countries since 2016. Government organizations in India (34 percent), Brazil and Kazakhstan (18 percent respectively), Russia and Thailand (12 percent respective...