-
Medical device vulnerability could let hackers steal Wi-Fi credentials
PRIVACY PRIVACY A vulnerability found in an interaction between a Wi-Fi-enabled battery system and an infusion pump for the delivery of medication could provide bad actors with a method for stealing access to Wi-Fi networks used by healthcare organizations, according to Boston-based security firm Rapid7. The most serious issue involves Baxter International’s SIGMA Spectrum infusion…
-
Responsible Disclosure for Cryptocurrency Security
PRIVACY PRIVACY Stewart Baker discusses why the industry-norm responsible disclosure for software vulnerabilities fails for cryptocurrency software. Why can’t the cryptocurrency industry solve the problem the way the software and hardware industries do, by patching and updating security as flaws are found? Two reasons: First, many customers don’t have an ongoing relationship with the hardware…
-
Transacting in Person with Strangers from the Internet
PRIVACY PRIVACY Communities like Craigslist, OfferUp, Facebook Marketplace and others are great for finding low- or no-cost stuff that one can pick up directly from a nearby seller, and for getting rid of useful things that don’t deserve to end up in a landfill. But when dealing with strangers from the Internet, there is always…
-
Our Statement of Condolence – Queen Elizabeth II – 1952 – 2022
PRIVACY PRIVACY We are deeply saddened by the passing of Her Majesty Queen Elizabeth II. We send our sincerest condolences to the Royal Family. Read More
-
Cybersecurity Snapshot: 6 Things That Matter Right Now
PRIVACY PRIVACY Topics that are top of mind for the week ending Sept. 9 | Software supply chain security in the spotlight. Guidance for evaluating IoT security tools. Increasing diversity in cybersecurity. Another look at the major cloud security threats. And much more! U.S. government stresses software supply chain security Developers got concrete guidance and…
-
North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolset
PRIVACY PRIVACY Security researchers have discovered a new remote access Trojan (RAT) being used in attack campaigns this year by Lazarus, a threat actor tied to the North Korean government. The new RAT has been used alongside other malware implants attributed to Lazarus and it’s mainly used in the first stages of an attack. Dubbed…
-
Ransomware attacks on retailers rose 75% in 2021
PRIVACY PRIVACY Retailers are fast becoming the favorite targets for ransomware criminals, with two out of three companies in the sector being attacked last year, according to a new report from cybersecurity firm Sophos. Attackers were able to successfully encrypt files in more than half of the attacks. Of 422 retail IT professionals surveyed internationally,…
-
Rapid7 Discusses SIGMA Spectrum Infusion Pump and WiFi Battery Vulnerabilities
PRIVACY PRIVACY The vulnerabilities, now fixed, allowed for a potential man in the middle attack Read More
-
Over 10% of Enterprise IT Assets Found Missing Endpoint Protection
PRIVACY PRIVACY The document analyzes data aggregated from visibility into more than 500,000 IT assets Read More
-
Facebook Has No Idea What Data It Has
PRIVACY PRIVACY This is from a court deposition: Facebook’s stonewalling has been revealing on its own, providing variations on the same theme: It has amassed so much data on so many billions of people and organized it so confusingly that full transparency is impossible on a technical level. In the March 2022 hearing, Zarashaw and…