- Symantec: Well-heeled hacking group Black Vine behind Anthem breach
- Maliciously crafted MKV video files can be used to crash Android phones
- Russian hackers use Twitter to mask sneaky data theft
- Partner-driven Australian security market drives world-leading growth for ESET
- No building access card? No problem if you have new Def Con tools
intrusion - News, Features, and Slideshows
After the Office of Personnel Management breach, medical data was labeled as the "holy grail" for cybercriminals intent on espionage. "Medical information can be worth 10 times as much as a credit card number," reported Reuters. And now to steal such information, hospital networks are getting pwned by malware-infected medical devices.
Follow me, if you will, on a journey back in time to just one year ago. As 2013 turned into 2014, the information security industry was buzzing about the latest spate of breaches. Target had ushered in a new era of retail security breaches, with 40 million card numbers lost to the hackers. Little did we know at the time that this was just the beginning, and small potatoes in comparison to what was to come. One year ago, Neiman Marcus and Michaels had joined Target, and I wrote in response to the growing number of breach disclosures that "in fact, I have to wonder which retailers have not suffered breaches. The word on the street is that at least a half-dozen other retailers were compromised in the past few months, without publicity." Sadly, this turned out to be true. I hate being right all the time.
In today's threatscape, antivirus software provides little piece of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable.
Police in Austin, Texas, set up sting operations with cars they have under surveillance, watching for thieves to break into them. Marcus J. Carey's Web service, HoneyDocs -- born in the same city -- uses the same concept, only with computer files.
Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet
Last week Gen. David Petraeus, the director of the Central Intelligence Agency, resigned in response to what has turned out to be a much bigger scandal than it first appeared.
Not long ago, the legal department at a financial services company in New York got a phone call from a hospital in London. The query: Why are you hacking us? With two known IP addresses, it wasn't difficult for the financial firm's information security staff to go back through the logs looking for traffic between the two organizations. And with the traffic identified, locating the computer from which the hacks were taking place didn't take long, either. The culprit: an individual who-as their human resources records soon confirmed-had formerly worked at that very hospital.