Archives: June 2016
You are here: Home \ 2016 \ June
LizardStresser, a distributed denial of service botnet, has found new life leveraging hundreds of internet-based webcams in attacks against Brazilian-based banks, government agencies as well as a handful of U.S.-based gaming companies. Researchers at the Arbor’s Security Engineering and Response Team (ASERT) say publicly released source code of the LizardStresser botnet in 2015, by the...
A breach at Massachusetts General Hospital has potentially compromised the information of roughly 4,300 dental patients, the hospital warned Wednesday. MGH was quick to point out that the data leaked wasn’t stored or maintained on its systems but those of a third-party vendor that assists the hospital in managing dental patients at several practices, including...
Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could allow an attacker to directly execute arbitrary code on vulnerable installations of the product. The company released version 8.0 of its Foxit Reader and Foxit PhantomPDF on Monday, addressing vulnerabilities in builds 7.3.4.311 and earlier of the...
Internet-connected medical devices such as MRI machines, CT scanners and dialysis pumps are increasingly being targeted by hacker seeking to steal patient medical records from hospitals. Attackers consider the devices soft digital targets, seldom guarded with same security as client PCs and servers within hospitals. In a report by security firm TrapX Labs, researchers found...
The Federal Trade Commission doesn’t investigate every reported breach, but when it comes to prosecuting data security cases it has an impressive 70 percent closure rate, according to agency officials. FTC Commissioner Maureen Ohlhausen shed light on the agency’s approach to enforcing data security in a keynote address for a panel titled Federal Online Data...
If you’re one of the millions who rocked out at Hard Rock Hotel and Casino Las Vegas or slurped noodles at a Noodles & Company fast food chain in the past year, it’s time to get paranoid. Both companies announced this week separate breaches that include unauthorized access to credit card data. The Hard Rock...
The transportation industry is increasingly being targeted by cyber criminals who see the sprawling multi-billion dollar industry as ripe for financially motivated attacks. According to IBM’s X-Force security team, the systems behind planes, trains and automobiles have now become bigger paydays for hackers than industries such as the retail sector – once a favorite of...
A botnet comprised entirely of internet-enabled closed circuit TV devices used a barrage of HTTP requests to knock a small jewelry store offline for days. Researchers who came across the botnet recently said they weren’t surprised that IoT devices were being used to carry out a distributed denial of service attack but were caught off...
Researchers have identified a recent wave of malware targeting the Google Play app marketplace that entices users to download utilities and games that when installed surreptitiously root devices. The exploit, which mobile security firm Lookout calls autorooting malware, gives attackers complete control of the infected device. It was discovered by researchers in an app called LevelDropper....
A hacker selling upwards to 655,000 healthcare records on the dark web allegedly obtained them after exploiting a vulnerability in how companies implement remote desktop protocol, or RDP, functionality. The hacker, who goes by the handle “thedarkoverlord,” allegedly penetrated three healthcare organizations and made off with a database from each, according to Deep Dot Web, who...