Bradley Barth reports: A supposedly legitimate French software firm, Tuto4PC, has actually infected an estimated 12 million PC users with a generic trojan disguised as downloadable utilities programs, according to an in-depth analysis from Cisco’s Talos research division. The so-called utilities software creates a backdoor on infected machines to automatically deliver payloads with spyware and adware capabilities, explained blog post authors and researchers Warren Mercer…
Ca: Nurse found guilty of professional misconduct for snooping into patient records
May Warren reports: A Peterborough nurse has been found guilty of professional misconduct for accessing almost 300 confidential patient records at Peterborough Regional Health Centre over two years, at a disciplinary hearing she fought to keep secret. Mandy Edgerton (formerly Edgerton-Reid) was slapped with a four-month suspension and a formal reprimand on Wednesday, by a…
AU: Gumtree Australia notifies users of breach
As if he doesn’t have enough breaches to report on, Lee J. (@Cyber_War_News on Twitter) just received a breach notification letter from Gumtree Australia, an online classified ads site. Lee shared it on Pastebin: Dear Lee, We are writing to let you know that some of your Gumtree account information was compromised in a security attack…
Toymaker’s website pushes ransomware that holds visitors’ files hostage
Infecting site visitors with malware cannot be good for business. Their PR department must be going nuts over this one…. Dan Goodin reports: The website belonging to Maisto International, a popular maker of remote-controlled toy vehicles, has been caught pushing ransomware that holds visitors’ files hostage until they pay a hefty fee. Malicious files provided by…
Goldcorp claims that there was an extortion attempt
Following up on my report on Daily Dot about Goldcorp being hacked and a lot of data being dumped, Bloomberg News now reports that Goldcorp’s CEO claims there was an extortion attempt. Obviously, I will be trying to follow up on this new development.
Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data – GAO
From a new GAO report: The Securities and Exchange Commission (SEC) improved its information security by addressing weaknesses previously identified by GAO, including separating the user production network from the internal management network. However, weaknesses continue to limit the effectiveness of other security controls. In particular: While SEC had issued policies and implemented controls based…