Shaun Nichols reports: Apple’s attempt to fix a serious security weakness in OS X has fallen short, leaving users still vulnerable to malware hijacking their Macs, it is claimed. Patrick Wardle, director of research at Synack, reckons Cupertino has not been able to kill off the so-called “Rootpipe” backdoor that was supposed to be eradicated…
Category: Commentaries and Analyses
FBI Alert Number I-042115-PSA: Hacktivists threaten to target law enforcement personnel and public officials
An alert issued today by the FBI offers law enforcement personnel some tips to protect themselves. The tips are useful advice for everyone: Summary Law enforcement personnel and public officials may be at an increased risk of cyber attacks. These attacks can be precipitated by someone scanning networks or opening infected emails containing malicious attachments…
NZ: Preliminary review reveals no improper data access to shared online medical records
Nicole Mathewson reports that so far, everyone’s been on good behavior and has not misused access to the online database: Nearly 500 instances of Canterbury health professionals accessing patient medical records have been reviewed since the country’s first online health database was launched, but all were found to be legitimate queries. … The Canterbury District…
Another week, another list of vulnerable EDU sites
Last week, this site compiled a list of universities and colleges that TeaMp0isoN had reported were vulnerable to SQL injection or XSS attacks. This week, I’ve again compiled their tweets into one list. As I did last week, I am only providing the names of the schools and not the vulnerable urls. This week, however, I am also…
Okay, so now they’ll act on the state’s recommendations
I’ve occasionally posted school district audits conducted by the New York State Comptroller’s Office to highlight the state of infosecurity – or lack thereof – in the k-12 sector. Here’s a summary of, and link to, a newly released audit (emphasis added by me): Alfred-Almond Central School District Although a previous Office of the State Comptroller…
Tax refund fraud victims blame Anthem breach, but attribution is difficult with so many breaches
Luther Turmelle reports: A spike in the number of fraudulent state income tax returns filed in Connecticut has led some Anthem Blue Cross and Blue Shield customers to believe that it is the result of the massive data breach the insurer revealed in early February. Officials with state Attorney General George Jepsen’s office acknowledge they…