Catalin Cimpanu reports: US Cyber Command has issued an alert via Twitter today about threat actors abusing an Outlook vulnerability to plant malware on government networks. The vulnerability is CVE-2017-11774, a security bug that Microsoft patched in Outlook in the October 2017 Patch Tuesday. Read more on ZDNet.
Category: Of Note
D-Link Agrees to Make Security Enhancements to Settle FTC Litigation
Smart home products manufacturer D-Link Systems, Inc., has agreed to implement a comprehensive software security program in order to settle Federal Trade Commission allegations over misrepresentations that the company failed to take reasonable steps to secure its wireless routers and Internet-connected cameras. The settlement ends FTC litigation against D-Link stemming from a 2017 complaint in…
Former Equifax employee sentenced for insider trading
ATLANTA, JUNE 27 – Jun Ying, the former Chief Information Officer of Equifax U.S. Information Solutions, has been sentenced to federal prison for insider trading. “Ying thought of his own financial gain before the millions of people exposed in this data breach even knew they were victims,” said U.S. Attorney Byung J. “BJay” Pak. “He…
Pre-2013 Medtronic insulin pumps could be vulnerable to hacking
Joe Carlson reports: Medtronic is warning thousands of users of its older insulin pumps worldwide that the devices may contain a serious cybersecurity vulnerability allowing a malicious hacker to change drug-delivery settings and send the patient into a diabetic emergency. The warning applies to Medtronic insulin pumps that were introduced to the market before 2013….
Jack’d To Pay $240K For Private Photos Leak
Devin Randall reports: Jack’d is paying out money make up for its picture leak. Earlier this year, we shared with you how a single tech expert Oliver Hough discovered that there was a large hole in Jack’d’s code. It turns out, the company did not properly secure photos and data uploaded using Amazon Web Services…
UK: Former company director believed to have profited by more than £1.4 million after selling personal data illegally
From the Information Commissioner’s Office: A former company director found guilty of illegally obtaining people’s personal data and selling it to solicitors chasing personal injury claims, has been fined for breaches of data protection and issued with a confiscation order under the Proceeds of Crime Act 2002. David Cullen of Middleton Road, Manchester, was the…