Reuters reports: A group of small banks and credit unions suing Target Corp over its massive data breach in 2013 are moving to block the retailer’s proposed $19 million settlement with MasterCard Inc, calling it a “sweetheart deal” aimed at undercutting their own claims for losses. Lawyers for plaintiffs in the lawsuit, which seeks class-action…
Category: Malware
IN: St. Vincent Medical Group notifies patients after successful phishing attempt compromises PHI
St. Vincent Medical Group in Indiana, a member of Ascension Health, has provided a substitute notice following an e-mail phishing incident. According to their notice, a copy of which is posted on their web site, on December 3, 2014, they learned that an employee’s user name and password had been compromised as a result of e-mail phishing….
CozyDuke hackers targeting prominent US targets
John Leyden reports: A newly discovered group of cyber-spies are closely targeting high profile US targets, possibly including both the White House and the State Department. The so-called CozyDuke hackers make extensive use of spear-phishing, sometimes using emails containing a link to a hacked (otherwise legitimate) websites such as “diplomacy.pl”. Read more on The Register.
The Bad News For Infosec In The Target Settlement: OpEd
Giora Engel of LightCyber writes: The legal argument behind the $10 million Class Action lawsuit and subsequent settlement is a gross misrepresentation of how attackers operate. Central to the recent Target data breach lawsuit settlement was the idea that cyber attacks are mechanistic and follow a prescribed course or chain of events. The judge hearing the case…
OS X Yosemite still open to Rootpipe backdoor, warns ex-NSA bod
Shaun Nichols reports: Apple’s attempt to fix a serious security weakness in OS X has fallen short, leaving users still vulnerable to malware hijacking their Macs, it is claimed. Patrick Wardle, director of research at Synack, reckons Cupertino has not been able to kill off the so-called “Rootpipe” backdoor that was supposed to be eradicated…
Former member of SwaggSec sentenced to 3 years in prison for attacks on DirecTV, Farmers Insurance, and L.A. Dept. of Public Works
Nancy Dillon reports that a 32-year old hacker who used the online names of “fame” and “infam0us” and was part of SwaggSec has been sentenced to three years in federal prison for his role in attacking DirecTV, Farmers Insurance and the Los Angeles Department of Public Works: Mario Patrick Chuisano was sentenced in U.S. District Court in…