On May 14th, the Billings Clinic in Montana issued a breach notification statement, which explained that they detected unusual activity within one of its employee's email accounts. The employee in question was traveling overseas on a medical mission when the email account was compromised. "As a result of the forensics investigation, we learned that an unauthorized individual had access to emails and attachments within that one account, some of which included patient information." As for … Read more
Thermal Imaging Could Help Thieves Steal Your Passwords
As if there weren't enough ways for hackers to steal your passwords, now, there's thermal imaging. If that sounds like something straight out of a science fiction movie, think again. Researchers from the University of California at Irvine recently discovered and demonstrated a technique that involves the use of a thermal imaging camera to capture heat traces left by human fingertips as they type passwords into a keyboard. In fact, their technique is effective for up to thirty seconds after … Read more
Open Database Exposes Info Of 340 Million People
Internet security researcher Vinny Trola recently made a huge and disturbing discovery. A marketing firm called Exactis had left a massive database unsecured, allowing anyone who stumbled across it to access it. As a marketing firm, Exactis collects simply mind-boggling amounts of data on consumers all over the globe. The database in question was a staggering two terabytes in size, and contained more than 150 data fields. Social security numbers were not included in the exposed data. A … Read more
Turn Cortana Off At Lock Screen To Avoid Potential Hack
Do you use Cortana? It's a handy virtual assistant (like Siri) built into Windows 10. Unfortunately, as useful as she is, there's a problem. Even if you don't use Cortana yourself, take heed: Microsoft has recently issued a security update based on findings by McAfee researchers. It turns out that Cortana can be "summoned" from the lock screen of your PC and used to execute attacks by tricking the ever-helpful Cortana into indexing files from a USB drive, then executing them. To … Read more
Attackers Targeting Job Seekers Via Listings And Recruitment
Cyber-criminals around the world are increasingly focusing their attention on job seekers. According to the security firm Flashpoint, there has been a notable uptick in ploys involving phony job listings that attempt to get job seekers to give up personal information. Perhaps the biggest surprise is the fact that this is only now becoming a growing threat. After all, from the cyber-criminal's point of view, it's low hanging fruit. Job seekers expect that they'll be asked for all types of … Read more
T-Mobile Site Leaked Data On Millions Of Customers
ZDNet Researcher Ryan Stevenson recently found a big problem on T-Mobile's website regarding an unprotected API. As a result of the flaw, untold millions of T-Mobile's customers' account information was left exposed and completely unprotected. Literally anyone who stumbled across the site and tried to abuse it could access a wide range of customer information with no password required. This includes, but is not limited to: Customer name Phone number Mailing Address Account … Read more
FBI Advises Users To Reboot Their Routers
Cisco's Talos Security Team has identified a new threat, and it's a nasty one impacting more than half a million consumer-grade routers in the US. According to the Talos Team's report, the new malware is impacting a broad cross-section of routers made by TP-Link, QNAP, Netgear, Mikrotik, and Linksys. Known as "VPNFilter," the malware currently infecting routers appears to be the first stage in a multi-phase attack, with the first segment allowing the hackers to collect a wide range of … Read more
New Vulnerability May Expose Encrypted Emails
Security researchers at the Electronic Frontier Foundation (EFF) have discovered a dangerous new email vulnerability called "Efail." Exploiting this new email vulnerability would allow hackers to decrypt emails encrypted with either PGP or S/MIME - including emails that were sent several years earlier. Both of these encryption tools are commonly used by politicians, journalists and other professionals who need a secure means of electronic communication. Since the standards are so well … Read more
Chili’s Is The Latest To Suffer A Credit Card Breach
Brinker International (the parent company of the Chili's restaurant chain) formally announced that on May 11, they discovered malware on an undisclosed number of their point of sales terminals. Details are sketchy at this point, because the investigation is still ongoing, but the company had the following to say about the incident: "If you used your payment card at a Chili's restaurant between March and April 2018, it does not mean you were affected by this incident. However, out of an … Read more
Vega Stealer Malware Goes After Your Saved Credentials
There's a new security threat to be worried about, and security professionals are warning that it could be very bad indeed. The new malware is known as the "Vega Stealer," and is currently being used in a relatively simplistic phishing campaign designed to harvest financial data that has been saved in both Google Chrome and Firefox browsers. Unfortunately, based on an analysis of the code, it could be a much more serious threat. Vega Stealer isn't 100 percent original work, but rather, is a … Read more
