Article Trunk



Posts Tagged ‘computer security’

UK to toughen telecoms security controls to shrink 5G risks

Amid ongoing concerns about security risks posed by the involvement of Chinese tech giant Huawei in 5G supply, the U.K. government has published a review of the telecoms supply chain, which concludes that policy and regulation in enforcing network security needs to be significantly strengthened to address concerns. However, it continues to hold off on ...

FTC hits Equifax with fine of up to $700M for 2017 data breach

Credit agency Equifax will pay up to $700 million in fines as part of a settlement with federal authorities over a data breach in 2017. The Federal Trade Commission said in a statement Monday that Equifax has agreed to initially pay at least $575 million in fines as part of the settlement with the federal ...

Cyber threats from the U.S. and Russia are now focusing on civilian infrastructure

Joe Cheravitch Contributor Joe Cheravitch is a defense analyst with the Rand Corporation. Cyber-confrontation between the U.S. and Russia is increasingly turning to critical civilian infrastructure, particularly power grids, judging from recent press reports. The typically furtive conflict went public last month, when The New York Times reported U.S. Cyber Command’s shift to a more offensive ...

Microsoft has warned 10,000 victims of state-sponsored hacking

Microsoft said it has notified close to 10,000 people in the past year that they have been targeted by state-sponsored hackers. The tech giant said Wednesday that the victims were either targeted or compromised by hackers working for a foreign government. In almost all cases, Microsoft said, enterprise customers were the primary targets — such ...

Another 2.2 million patients affected by AMCA data breach

Another clinical lab ensnared in the AMCA data breach has come forward. Clinical Pathology Laboratories (CPL) says 2.2 million patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information and treatment provider information stolen in the previously-reported breach. Another 34,500 patients had their credit card or banking information ...

TrickBot malware learns how to spam, ensnares 250M email addresses

Old bot, new tricks. TrickBot, a financially motivated malware in wide circulation, has been observed infecting victims’ computers to steal email passwords and address books to spread malicious emails from their compromised email accounts. The TrickBot malware was first spotted in 2016 but has since developed new capabilities and techniques to spread and invade computers ...

For pen testing firm IOActive, security is cultural not transactional

IOActive may not be a household name but you almost certainly know its work. The Seattle-headquartered company has been behind some of the most breathtaking hacks in the past decade. Its researchers have broken into in-flight airplanes from the ground and reverse engineered an ATM to spit out gobs of cash. One of the company’s ...

Homeland Security has tested a working BlueKeep remote code execution exploit

Homeland Security’s cyber agency says it has tested a working exploit for the BlueKeep vulnerability, capable of achieving remote code execution on a vulnerable device. To date, most of the private exploits targeting BlueKeep would have triggered a denial-of-service condition, capable of knocking computers offline. But an exploit able to remotely run code or malware ...

A widely used infusion pump can be remotely hijacked, say researchers

A hospital infusion pump widely used in hospitals and medical facilities has critical security flaws that allow it to be remotely hijacked and controlled, according to security researchers. Researchers at healthcare security firm CyberMDX found two vulnerabilities in the Alaris Gateway Workstation, developed by medical device maker Becton Dickinson. Infusion pumps are one of the ...