Tech content trusted by users in North America and around the world
6,411 Reviews & Articles | 42,725 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 91

CyberRX mock cyberattack demonstration indicates much left to be done

The U.S. Department of Health and Human Services (DHHS) and HITRUST recently conducted CyberRX, the first healthcare industry cyberattack simulation. Incident response coordination and collaboration are important, though many departments tend to keep security practices internal and not share successful techniques.

 

cyberrx_mock_cyberattack_demonstration_indicates_much_left_to_be_done_01

 

The standard national cybersecurity framework isn't effective to keep critical infrastructure protected, so healthcare providers and private sector security specialists must team up to be better prepared for threats.

 

"The initial exercise, although limited in number of participants, is a significant step in establishing an industry CyberRX exercise playbook and formal program; identifying areas where organizations should focus; identifying opportunities for greater collaboration and information sharing between organizations, HITRUST and government; and identifying what gaps exist and where industry needs additional support to (be) better prepared," said Kevin Charest, U.S. Department of Human Services Chief Information Security Officer.

Continue reading 'CyberRX mock cyberattack demonstration indicates much left to be done' (full post)

FBI warns healthcare providers of growing cyberattack threat

The FBI sent a private memo to healthcare providers, warning them of increased threat of cyberattacks, especially with lackadaisical security methods that open patients up to further risk. Healthcare IT is continuing to evolve and does get better, but security loopholes and savvy criminals are still causing problems for medical IT specialists.

 

healthcare_industry_tests_cyberattack_simulations_as_attacks_grow_01

 

"The healthcare industry is not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely," the FBI said in its memo.

 

As noted by security experts previously, health care data traded on the black market is more valuable than credit and debit card information. The personal information found in medical records includes information that makes it even easier to access bank accounts, commit fraud, or steal prescription drugs - a lucrative currency among criminals, too.

Continue reading 'FBI warns healthcare providers of growing cyberattack threat' (full post)

DDoS cyberattacks up 43 percent during Q4 2013, new report says

There was an upswing in distributed denial-of-service (DDoS) attacks during the fourth quarter of 2013, according to Akamai, in its "State of the Internet Report." Its customers reported 1,153 DDoS attacks in 2013, a 50 percent increase year-over-year - and a notable 23 percent increase from Q3 to Q4 last year.

 

ddos_cyberattacks_up_43_percent_during_q4_2013_new_report_says_01

 

Cybercriminals are able to launch DDoS attacks against major targets with little overhead, and overall ability to compromise servers makes DDoS a very notable attack method.

 

Enterprise and commerce continued to be the industries targeted most frequently by the reported DDoS attacks in the fourth quarter, at 159 and 82 attacks, respectively," Akamai said in a press release. "Together, they account for just under 70% of the reported attacks during the quarter, while slightly less than half of the total attacks were reported by customers in the Americas."

Airport passwords written down, lost, then found on terminal floor

Prior to President Barack Obama's first trip to Japan, there was a bit of a mishap in Tokyo's Haneda International airport. A Skymark Airlines employee reportedly lost a printout with a list of passwords which was found after 30 minutes on an airport terminal floor.

 

airport_passwords_written_down_lost_then_found_on_terminal_floor_01

 

It's unknown what type of access would be granted using the lost passwords, airport officials changed all passwords as a preventative security measure.

 

Although software and hardware security continues to evolve, companies need to do a better job training employees to keep information secure. There is a problem of 'password fatigue' among employees, though there has to be some sort of guidelines available - especially when co-workers are opening one another up to potential data theft.

Boston Children's Hospital website targeted by cyberattackers

The Boston Children's Hospital was recently targeted in a wave of cyberattacks trying to bring down its website, though cybercriminals were unsuccessful, and no patient data was taken in the attempted breach.

 

boston_children_s_hospital_website_targeted_by_cyberattackers_02

 

"Over the weekend and through today, Boston Children's Hospital's website has been the target of multiple attacks designed to bring down the site by overwhelming capacity," said Rob Graham, hospital spokesperson, in a statement.

 

Hospital officials have reported police authorities and an investigation is currently underway - no hacker or hacker groups have stepped forward to take credit for the attempted breach.

Continue reading 'Boston Children's Hospital website targeted by cyberattackers' (full post)

Universities, healthcare providers under significant cyberthreat

Cybercriminals are finding it rather easy to launch attacks against companies and universities, especially with attention focused more on Heartbleed. Almost 20 universities and a handful of healthcare providers have come under attack, which will continue to happen as IT managers scramble to try and secure databases.

 

universities_healthcare_providers_under_significant_cyberthreat_01

 

"We have had very bad luck with several universities as far as reaching out about breaches," said Alex Holden, Hold Security CTO, in a statement to the media. "The problem is finding with in a very large, decentralized infrastructure the right person to talk to and impress on them that something is going on."

 

Instead of launching attacks against individual users, cybercriminals are largely finding it more lucrative to compromise large databases - personal information is valuable, and can be stolen for personal use, sold, or traded.

Iowa State University data breach could affect up to 30,000

Iowa State University recently confirmed it suffered a data breach and the personal information of up to 30,000 current and former students is now at risk. Particularly, the Social Security Numbers of students enrolled at ISU between 1995 and 2012 were vulnerable, though it doesn't appear cyberattackers accessed the information.

 

iowa_state_university_data_breach_could_affect_up_to_30_000_01

 

Instead, those responsible for the attack decided to mine for bitcoins using the school's servers - with ISU believing five network attached storage drives manufactured by Synology are at fault.

 

"We don't believe our students' personal information was a target in this incident, but it was exposed," said Jonathan Wickert, Senior VP and Provost, in a press statement. "We have notified law enforcement, and we are contacting and encouraging those whose Social Security numbers were on the compromised servers to monitor their financial reports."

Multi-state tax scam aimed at medical professionals causing headaches

Medical professionals have become victims of identity theft, with Social Security Numbers and other personal information used to help process fraudulent tax returns, according to recent reports. The victims, less than 1,000 total so far, didn't know about the breach until they tried to file their returns and found that someone else already had beaten them to the punch.

 

multi_state_tax_scam_aimed_at_medical_professionals_causing_headaches_01

 

Victims were found in the following states: Colorado, Connecticut, Vermont, Massachusetts, Iowa, North Carolina, South Dakota, Maine, Indiana, and New Hampshire. The Indiana State Medical Association (ISMA) sent a memo to healthcare professionals in the state to be aware of the tax scam.

 

"The DOR is viewing this as a large problem and officials are very concerned," said Julie Reed, ISMA general council, during a recent conversation. "While their investigation has not yet identified the source of the presumed breach, they are tracking all the cases, looking for patterns, and actively investigating and pursuing leads."

Retail stores can use NEC technology to conduct facial recognition

NEC Hong Kong is currently developing a new facial recognition technology that can be used by stores, hotels, and other retail establishments to quickly identify customers. Retailers have tried to use smartphones to help monitor customer activity, especially if guests log onto free, open Wi-Fi hotspots, though customers found ways to disable such features.

 

retail_stores_can_use_nec_technology_to_conduct_facial_recognition_01

 

When most people think of facial recognition, it's in regards to security and possible privacy issues - but NEC and companies have a more unique reasoning behind why stores, hotels, and other establishments might want to adopt the technology:

 

"Everyone loves to feel special. That's why any organization that can greet a customer by name and start helping them the minute they walk in to a shop, bank or hotel will have a tremendous advantage over one that relies on ID cards or other impersonal procedures," said Elsa Wong, NEC Hong Kong Managing Director, in a press statement.

Malwarebytes warns of 2014 FIFA World Cup Internet scam

Internet users are now being warned of a recent 2014 FIFA World Cup scam that promises recipients of a cash prize and free tickets - including an offering for more than $5 million cash and a trip to the World Cup.

 

malwarebytes_warns_of_2014_fifa_world_cup_internet_scam_01

 

Despite the outlandish offer of money, poorly written email, and rather silly email subject line, it appears that some Internet users might be getting caught up in the scam.

 

The World Cup runs from June 12 to July 13, and cybersecurity experts warn of other possible scams that could capitalize on the popular sporting event. As noted by Malwarebytes, "major sporting events are traditionally a huge draw for scammers and there will no doubt be many more of these come from now until June."

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Or Scroll Up Or Down