
Friday Quick Notes

Breaking from my usual theme of one day, one story, here are a few quick notes for you to ponder over the weekend.

In a story that no one saw coming, Adobe is going to patch a critical zero-day flaw that is being exploited in the wild.  Next Week.  In fairness to Adobe, they do have to develop, package and test the fixes, so it does take some time, but it doesn’t take the hackers as long to exploit the problem.

I thought I had uninstalled Flash on my machines but after the announcement today I looked and it was back again.  I don’t remember reinstalling it, so maybe some Microsoft update installed it.  Find details on the zero day here.  As of yesterday, this was being exploited in Korea, but likely, as of tomorrow, it will be worldwide.

People like to beat up Google and Android as not being as safe as iPhones and in fairness, beating them up is fun and often accurate.  Still, Google is sensitive to being criticized.  They just announced that they removed 700,000 apps from the Google store in 2017.  That’s a lot.  In fact it is up 70% from the year before.  While nothing is perfect, pulling 700,000 apps is a lot of work.  Read the details here.  In an even more encouraging statistic, 99% of the apps were removed before anyone could download and install them.  They also identified 100,000 malicious developers and blocked them from the Google store. Go Google!

Researchers have found a new flaw in Oracle’s Micros point of sale or POS system that is used by 200,000 restaurants and 30,000 hotels in 180 countries.  There is a patch for it, but as we discovered with the Equifax breach, people don’t always install patches.  In the case of restaurants and hotels, when, exactly, do you want to take down your point of sale system to patch it?  The result is that many of these systems will never be patched.  Read the details here.  Note that this site may require you to create a free account.

In a move that I would label “It’s about time”, starting March 1, 2018, Microsoft’s anti-malware tool will bully the bullies.  Those software tools that claim to have detected a virus and for only $99 or whatever they will remove it for you – Microsoft will label them malware and fix the problem for – by deleting those apps.  Yeah, Microsoft.  Read the details here.

Cybersecurity researchers at Ben Gurion University of the Negev say that medical imaging devices like CT scanners are at risk.  Risk of killing patients if a hacker wanted to, by hacking the PC that controls it and changing the radiation level. Hackers could also hold the imaging devices ransom  – taking them out of service until the ransom is paid or the hospital figures out some other solution.  Apparently, the ransom thing has already happened;  the killing part has only happened to a mannequin.  At least that people are willing to fess up to.  Read the story here.

 


This Week In Hacks and Breaches

Too many attacks to write about individually, so I am just going to write a short blurb on each with a link.  Oh, My!

British Airways – hackers accessed “tens of thousands” of frequent flyer accounts forcing BA to lock down the system, denying users access to the system and requesting that they change their passwords (see link).  This does not appear to be a hack of the BA system itself, but rather accounts were used via compromised credentials (possibly via compromised PCs or phones?).

Puush, the screen sharing platform, was hacked and users were told by the Puush update process to uninstall the old version and install the new (infected) version (see article).  Puush is telling users to install a new, new, uninfected version.  Puush says that passwords stored locally and in your browser – all of them – may be compromised, so change them all.

GitHub, the open source developer’s web site, was hit by the largest denial of service attack they have seen.  After 4 days, they seem to have gotten the attack under control (see article).  The good news is that GitHub’s defenses seem to be holding.  It is believed that the Chinese are mad that GitHub is storing programs that help access banned sites.

The Indiana State Medical Association reported on March 26th that two backup drives with policy information for 40,000 people were stolen on February 13th.  Why they waited 6 weeks to report this is unclear.  It contained all the usual stuff – names, addresses, socials, and medical history.  The article does not say, but we should assume the drives were not encrypted (see article).

TheHill is reporting that thousands of Uber customer passwords are showing up for sale on the dark web.   The price is cheap – selling for as little as a dollar.

Uber says they were not breached.  Still, somehow, the userids and passwords are for sale.  The fact that Uber can’t find a breach also does not mean there wasn’t one.  Uber is particularly sensitive since the personal information for 50,000 of their drivers WAS taken from their servers last month.  That was not caused by a smart hacker, but rather by an employee (?ex-employee?) who posted the credentials to the database online.

A hacked Uber account is of limited value – you can use it to get an Uber cab, check a customer’s history and get their home address, among a few other things.

St. Mary’s Health reported that several employees’ userids and passwords were compromised as a result of an email hacking attempt (it sounds like it was not an attempt but rather a successful attack).  St. Mary’s said they found out about the breach on Dec 3, 2014 and on Jan 8, 2015 found out that the email accounts of these employees have protected health information for 4,400 patients.

This is small enough that I would not write about it normally, but it raises some questions.  It is vague but appears that protected health information was found in email.  Was it encrypted?  Is this a HIPAA violation on top of everything else?  Did they disclose this within the 60 day HIPAA requirement?  This is not clear.

I assume the data was not encrypted, but if it was encrypted transparently, with the hackers knowing the userids and passwords of users, that does not help you in the least.  This is why one has to be very careful when implementing encryption – it may give you some protection or just the illusion of protection.

In the “This is embarrassing” column, The Department Of Justice is charging two former agents – one from the Secret Service and one from the DEA with money laundering and wire fraud for stealing crypto currency (bitcoins) related to the Silk Road darknet takedown.  Both were involved in the investigation (see article).

 
