Sergiu Gatlan reports: Malicious DICOM files can be crafted to contain both CT and MRI scan imaging data and potentially dangerous PE executables, a process which can be used by threat actors to hide malware inside seemingly harmless files. Cylera’s Markel Picado Ortiz achieved this by taking advantage of a DICOM format design flaw which…
Category: Of Note
A hacker has dumped nearly one billion user records over the past two months
Catalin Cimpanu reports: A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall. The hacker’s name is Gnosticplayers,…
Kaspersky: 70 percent of attacks now target Office vulnerabilities
Catalin Cimpanu reports: Microsoft Office products are today’s top target for hackers, according to attack and exploitation data gathered by Kaspersky Lab. In a presentation at its security conference –the Security Analyst Summit– the company said that around 70 percent of the attacks its products have detected in Q4 2018 are trying to abuse a…
A clever way to increase awareness in the workplace
Seen on Twitter. This is brilliant :))) Apparently Shawn is the HR boss. pic.twitter.com/N45GxdtwOa — Mladen Prajdic (@MladenPrajdic) April 11, 2019 [The image shows a “Password Change Sign Up Sheet” where employees can list their current password and the one they’d like it changed to. After a few employees signed up publicly that way, there’s…
Microsoft: Hackers compromised support agent’s credentials to access customer email accounts
Ingrid Lunden and Zack Whittaker report: … Microsoft has confirmed to TechCrunch that a certain “limited” number of people who use web email services managed by Microsoft — which cover services like @msn.com and @hotmail.com — had their accounts compromised. “We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the…
MD Anderson Cancer Center Appeals $4.3 Million HIPAA Fine
Marianne Kolbasuk McGee reports: The University of Texas MD Anderson Cancer Center has filed a lawsuit arguing that a $4.3 million HIPAA penalty levied against it last year by the Department of Health and Human Services following three data breaches involving unencrypted devices was unlawful. In the complaint filed Tuesday in a Texas federal court,…