Alyson Klein reports: A K12 Inc. company database that included information for 19,000 students was available for anyone with an internet connection to see for at least a week, according to a report from Comparitech, which describes itself as a pro-consumer organization that offers security services. It’s not clear that anyone with ill intentions accessed…
New versions of FinFisher mobile spyware discovered in Myanmar
Catalin Cimpanu reports: Security researchers from Kaspersky Lab have discovered new and improved versions of the FinFisher spyware. The new versions, which target Android and iOS phones, have been in use since 2018, and the most recent FinFisher implants have been discovered active as late as last month, in Myanmar, a country in the midst…
Anaesthetic devices ‘vulnerable to hackers’
Chris Baraniuk reports: A type of anaesthetic machine that has been used in NHS hospitals can be hacked and controlled from afar if left accessible on a hospital computer network, a cyber-security company says. A successful attacker would be able to change the amount of anaesthetic delivered to a patient, CyberMDX said. Alarms designed to…
VA: Arlington Investigating Cyber Attack on County Payroll System
ARLNow reports: (Updated at 5:20 p.m.) Arlington County has revealed a cyber attack that penetrated the county’s payroll system. In a statement, the county says a number of employees were impacted by the intrusion, but did not specify the exact number or impacts. The intrusion appears to be the result of a “phishing” email targeting…
DNA-testing service exposed thousands of customer records online
Nico Grant reports: DNA-testing service Vitagene Inc. left thousands of client health reports exposed online for years, the kind of incident that privacy advocates have warned about as gene testing has become increasingly popular. More than 3,000 user files remained accessible to the public on Amazon Web Services cloud-computer servers until July 1, when Vitagene…
Hackers breached Greece’s top-level domain registrar
Catalin Cimpanu reports: State-sponsored hackers have breached ICS-Forth, the organization that manages Greece’s top-level domain country codes of .gr and .el. ICS-Forth, which stands for the Institute of Computer Science of the Foundation for Research and Technology, publicly admitted to the security incident in emails it sent ot domain owners on April 19. The hackers…