Top 10 Stories

During our web crawls we sometimes come across bizarre findings or patterns we haven’t seen before. This was the case with a particular drive-by download attack planted on Chinese websites. While by no means advanced (it turned out to be fairly buggy), we witnessed a threat actor experimenting with several different exploits to drop malware. For years we have cataloged thousands of Chinese websites injected with the same malicious and rudimentary VBScript code. Even to...

A series of programming and printing errors resulted in Explanation of Benefits (EOB) letters being sent to the incorrect CarePlus Health Plan members, an organization spokesperson confirmed to HealthITSecurity.com. Approximately 11,200 individuals may have had their information involved in the PHI data breach. The disclosed information included member names, CarePlus Health identification numbers and plan names, date(s) of service(s), provider of services, services provided. Personal financial information and Social Security numbers were not included in the EOB...

The Colorado Department of Transportation (DOT) has shut down over 2,000 computers after some systems got infected with the SamSam ransomware on Wednesday, February 21. The agency's IT staff is working with its antivirus provider McAfee to remediate affected workstations and safeguard other endpoints before before reintroducing PCs into its network. DOT officials told local press that crucial systems were not affected, such as those managing road surveillance cameras, traffic alerts, message boards, and others....

US Federal agencies reported more breaches last year (57 percent) than any other industry sector by a wide margin, well ahead of the global average of 36 percent according to a new report. Yet the findings from Thales eSecurity show that only 42 percent of government respondents claim to be 'very' or 'extremely' vulnerable, compared to 68 percent of US respondents across the board. In the past year 57 percent of federal respondents have experienced a data...

Punjab National Bank is reeling under great stress due to the Rs 11,400 crore banking fraud that happened recently. To add to the problems, a new data breach has been reported by The Asia Times. Allegedly, data of some 10,000 credit and debit card holders has been compromised due to this leak. The report suggests that the data includes names, expiry dates, personal identification numbers and even card verification values of around 10,000 bank account holders. The...

Intel did not inform U.S. cyber security officials of the so-called Meltdown and Spectre chip security flaws until they leaked to the public, six months after Alphabet notified the chipmaker of the problems, according to letters sent by tech companies to lawmakers on Thursday. Current and former U.S. government officials have raised concerns that the government was not informed of the flaws before they became public because the flaws potentially held national security implications. Intel said it did...

Security researchers have found that hackers are using code-signing certificates more to make it easier to bypass security appliances and infect their victims. New research by Recorded Future's Insikt Group found that hackers and malicious actors are obtaining legitimate certificates from issuing authorities in order to sign malicious code. That's contrary to the view that in most cases certificates are stolen from companies and developers and repurposed by hackers to make malware look more legitimate. View...

Dating application Tinder helps users find love - and flings - but a researcher revealed this week that an easy-to-exploit security bug recently left accounts and private chats exposed to hackers. Indian engineer Anand Prakash, a serial bug hunter, said in a Medium post on Wednesday, February 20, that a flaw in a Facebook-linked program called Account Kit let attackers access profiles armed with just a phone number. Account Kit, implemented into Tinder, is used by developers to let users...

A new campaign involving suspected Lebanese hackers has been uncovered, which involves cybercriminals creating fake Facebook profiles and using social engineering to lure potential victims into downloading an Android spyware. According to security researchers at Avast, who uncovered the new attacks, the hackers spread the spyware, dubbed Tempting Cedar, via fake Facebook profiles that engaged with potential victims. The targets were persuaded by the hackers operating the fake profiles to download the spyware, which was disguised as the...

Hackers are using malicious emails disguised as important Swift messages to spread the cross-platform remote access trojan (RAT) Adwind. According to Comodo Group's Threat Research Lab, the spam messages claim to contain important information regarding a "wire bank transfer to your designated bank account" from the Swift network, the global banking industry's payments messaging system. The phishing email prompts users to review an attached document to check the details and make sure there are no discrepancies regarding the...