Catalin Cimpanu reports: US Cyber Command has issued an alert via Twitter today about threat actors abusing an Outlook vulnerability to plant malware on government networks. The vulnerability is CVE-2017-11774, a security bug that Microsoft patched in Outlook in the October 2017 Patch Tuesday. Read more on ZDNet.
Category: Commentaries and Analyses
D-Link Agrees to Make Security Enhancements to Settle FTC Litigation
Smart home products manufacturer D-Link Systems, Inc., has agreed to implement a comprehensive software security program in order to settle Federal Trade Commission allegations over misrepresentations that the company failed to take reasonable steps to secure its wireless routers and Internet-connected cameras. The settlement ends FTC litigation against D-Link stemming from a 2017 complaint in…
Former Equifax employee sentenced for insider trading
ATLANTA, JUNE 27 – Jun Ying, the former Chief Information Officer of Equifax U.S. Information Solutions, has been sentenced to federal prison for insider trading. “Ying thought of his own financial gain before the millions of people exposed in this data breach even knew they were victims,” said U.S. Attorney Byung J. “BJay” Pak. “He…
Pre-2013 Medtronic insulin pumps could be vulnerable to hacking
Joe Carlson reports: Medtronic is warning thousands of users of its older insulin pumps worldwide that the devices may contain a serious cybersecurity vulnerability allowing a malicious hacker to change drug-delivery settings and send the patient into a diabetic emergency. The warning applies to Medtronic insulin pumps that were introduced to the market before 2013….
Bulgarian IT Specialist in Detention For Vulnerability Demonstration
A reader, Devrimer Duman, alerted me to the following situation, but the original source is in Bulgarian, so I’m going to post the beginning part of Google’s translation: Petko Petkov, the founder of the largest IT space in Stara Zagora, was arrested for 24 hours for a video on Facebook with a demonstration pointing out…
Seven weeks after a crippling ransomware attack, Lake City agrees to pay almost $500,000 ransom demand
On June 11, DataBreaches.net noted a report that Lake City, Florida was struggling to recover from “triple threat ransomware.” The attack had occurred on May 10, and one month later, the city’s landline phones were still knocked out and other services were also affected, although emergency services were operating. Now, one week after another Florida…