Posted December 1, 2015
We publish this weekly threat intelligence brief to keep you informed on the latest security incidents and threats. For security news throughout the day, follow us on Twitter. Subscribe to our blog to stay up-to-date on findings from our analyst research reports!
“When health care data has been stolen, many victims find out too late or not at all. Two major problems with health care data hacking, mentioned by the 2014 Bitglass report:
- Today’s health care organizations are not set up to identify illicit records activity and are therefore unable to eliminate it
- Healthy patients may not learn about a breach until they have a reason to seek treatment, which is the most stressful time to have to deal with such a problem
It can be misleading to think a hacker’s sole purpose is to harm patients, when actually this is just an extremely unpleasant side effect of criminal business. Medical identity theft can cause difficulties like lost insurance coverage, mixed up records, higher premiums, medical harm and false diagnosis. But the reason healthcare data hacking exists is that there’s a lucrative market for the data, and a working supply-and-demand model with both buyers and sellers.”
– eSecurity Planet
The United States Computer Emergency Readiness Team (US-CERT) reported that a popular computer company has been shipping product containing a serious security vulnerability that exposes users to online eavesdropping and malware attacks since August 2015. The company said it is prepping a fix for the issue, but experts say the threat may ultimately need to be stomped out by the major web browser makers. The issue is a root certificate installed on the company’s newer computers that also includes the private cryptographic key for that certificate. Attackers can use this key to sign phony browser security certificates for any HTTPS-protected site.
Legal and Regulations
– Technology Law Dispatch
“As the holiday shopping season swings into high gear, a cybersecurity firm is warning of a “highly sophisticated” malware framework that could pose a threat to U.S. retailers using point-of-sale (POS) systems. Called ModPOS (for “modular POS”), the malware has been seen in the wild as far back as 2012, and was observed actively targeting businesses throughout 2014.”
“A massive VTech breach earlier this month exposed the personal details of 4.8 million parents and more than 200,000 children. VTech has temporarily suspended its Learning Lodge app store and a number of related websites “for thorough security assessment and fortification.” […] The hacked data includes names, email addresses, passwords, and home addresses, and download history of adults who purchased VTech products, as well as the first names, genders, and birthdays of hundreds of thousands of kids.”
– PC Mag
“DHS Inspector General found that DHS is running dozens of unpatched databases, some of which are rated “secret” and even “top secret.” An audit of the department’s IT infrastructure has found large security gaps, including the fact that 136 systems had expired “authorities to operate” – that is, no one was in charge of keeping them updated. Of the 136, 17 were classified as “secret” or “top secret.””
– Homeland Security News Wire