Fraud

Health Exchanges Need A Fail Whale

In a blog post on Veracode’s blog today, I write about the problems encountered at government-run online health exchanges that were intended to connect millions to private insurance plans under the Affordable Care Act. The exchanges opened to the public on Tuesday, and they got off to a rocky start, with reports of web sites paralyzed as millions of uninsured Americans logged on to sign up for subsidized health insurance. In some cases, the problems appear to have been caused by “external factors.” New York State’s online health exchange was felled by the weight of more than 10 million requests of dubious origin, The New York Post reported. But other exchanges, including Healthcare.gov the federal government’s main health insurance storefront, which is used by residents or more than half of the states, were victims of their own success: overwhelmed when the doors swung open and millions of eager customers poured […]

Continue Reading

Losing The Future: Schneier On How The Internet Could Kill Democracy

With his deep background in both cryptography and Internet security, Bruce Schneier is of the most thoughtful commentators on all matters cyber. So revered is he, that he even inspired a list of humorous Chuck Norris-style “Bruce Schneier” facts . In recent months, Bruce has been an invaluable sounding board amid the drip-drip-drip of details of ubiquitous government surveillance stemming from Edward Snowden’s leak of classified intelligence on NSA spying and cyber operations. In this video, from a recent speech Bruce did at the TEDxCambridge event up here in the Boston area, he goes a bit deeper: drawing out the current trend lines like hacktivism, Facebook- and Twitter-fueled popular revolutions, civil war and mass surveillance, and trying to discern what the future might look like. /div> Bruce’s theory: although nimble groups of activists, dissidents and hackers have been more adept at using the Internet and innovative technologies and platforms built on […]

Continue Reading

FDA Will Regulate Some Apps As Medical Devices

In an important move, the U.S. Food And Drug Administration (FDA) has released final guidance to mobile application developers that are creating medical applications to run on devices like the iPhone and Android mobile devices. Some applications, it said, will be treated with the same scrutiny as traditional medical devices.* The statement is the final word from the FDA on the approach it will take when enforcing federal regulations regarding the safety of medical devices to the large and fast-growing category of medical applications. The agency said on Monday that, while it doesn’t see the need to vet “the majority of mobile apps,” because they pose “minimal risk to consumers,” it will exercise oversight of mobile medical applications that are accessories to regulated medical devices, or that transform a mobile device into a regulated medical device. In those cases, the FDA said that mobile applications will be assessed “using the same […]

Continue Reading

iPhone TouchID Falls To Well-Known Hack

Apple’s Touch ID may be the new thing when it comes to signing on to your iPhone. But the underlying finger print scanning technology proved vulnerable to a very old-school attack, according to information posted by the German hacking crew The Chaos Computer Club (CCC). The group announced late Saturday that it was able to successfully bypass TouchID with a fake fingerprint, lifted from a glass surface. “This demonstrates – again – that fingerprint biometrics is unsuitable as access control method (sp) and should be avoided,” the group wrote in blog post announcing the compromise. Apple’s Touch ID biometric sign-on was the major new feature in the just-released iPhone 5S (the feature is not offered for the lower-cost 5C, which was also just announced.) The feature makes use of technology Apple acquired in July 2012 with the firm AuthenTec, and its addition to the iPhone line was no surprise. But […]

Continue Reading

Sharing Threat Intelligence To Sort Out Targeted Attacks

Headlines about “advanced persistent threats” and targeted attacks have organizations of all sizes concerned. Barely a week goes by without news of a new, stealthy campaign targeting executives, government leaders or platforms used by prominent organizations. But while APT-style and targeted attacks may have the attention of the boardroom, organizations still face a Herculean task determining when an attack they’ve detected is targeted, and when it is merely indiscriminate. To help answer that question, I “hung out” with two experts in detecting and analyzing malicious threats to enterprises. Anup Ghosh is the CEO and co-founder of Invincea, which makes malware detection tools that isolate threats on endpoints. Matt Hartley is the Senior Director, Intelligence Lab Services at iSIGHT Partners, a cyber threat intelligence firm. Both told me that, while targeted attacks are on the rise, awareness about them is also at an all time high. That can, sometimes, result in organizations […]

Continue Reading
1 14 15 16 17 18 21