Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On August 04, 2015

August 3, Help Net Security – (International) Fake “Windows 10 Free Upgrade” emails deliver ransomware. Security researchers from Cisco’s Talos Group discovered a ransomware campaign in which attackers purporting to be from Microsoft send victims emails with a fake Windows 10 installer attached that is actually a variant of the CTB-Locker crypto-malware. Source

August 3, Softpedia – (International) Chrome extensions can be disabled without user interaction. Security experts from Detectify Labs discovered that an attacker could disable a list of Google Chrome security extensions upon visiting a site using the “ping” attribute inside a regular link, effectively removing safeguards without the user’s knowledge. Google Chrome was notified of the vulnerability and released a patch addressing the issue. Source

August 3, IDG News Service – (International) DNS server attacks begin using BIND software flaw. Security researchers from Sucuri reported that attackers have begun exploiting a denial-of-service (DoS) flaw in all versions of BIND 9 open-source Domain Name System (DNS) software that was patched the week of July 27. The company confirmed that two clients in different sectors had experienced attacks. Source

August 3, Help Net Security – (International) The leading cause of insider threats? Employee negligence. The Ponemon Institute released findings from a survey on insider information technology (IT) threats in U.S. and German firms, revealing that in addition to malicious intent, employee negligence is a significant cause of security incidents that lead to decreases in IT productivity, which can cause a company as much as $1.5 million in losses per year. The report cited long hours and multitasking as common elements leading to negligence, among other findings. Source

July 31, Securityweek – (International) Flaw in fingerprint access devices could make it easy to open doors. Security researchers at CERT Coordination Center (CERT/CC) discovered two flaws in several models of fingerprint access controllers developed by Taiwan-based Chiyu Technology in which an unauthenticated attacker with network access could view and modify the device’s configuration by accessing known paths. Source

August 3, Softpedia – (National) Data of 4 million patients lost in MIE hacking. The Indiana Attorney General announced that an estimated 1.5 million State residents and 3.9 million individuals from 11 healthcare providers and 44 radiology clinics nationwide may have been impacted by a May breach of Medical Informatics Engineering and its subsidiary NoMoreClipboard’s networks. Officials continue to investigate the attack, which allowed hackers to gain access to patients’ personal and medical information. Source

August 3, Securityweek – (National) FDA issues alert over vulnerable Hospira drug pumps. Healthcare organizations were alerted by the U.S. Food and Drug Administration July 31 regarding cyber security risks associated with the use of Hospira Symbiq infusion systems following flaws discovered in 2014, which included security holes that can be remotely exploited by hackers in order to gain access to the devices and possibly change the dosage they deliver. The company has been working on developing a software update and the vendor is working to remove all of the infusion systems from the market until a permanent replacement is available. Source

August 1, Sioux City Journal – (South Dakota) Siouxland Pain Clinic says patient information likely exposed by hacker. The Siouxland Pain Clinic in Dakota Dunes reported July 31 that patients’ health and other personal information was likely exposed during an attack on the clinic’s server between March 26 and April 2, and that there was no evidence that the information was misused. The clinic continues to evaluate the attack after being notified of the breach June 26. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.