Search Results for "Target"

Report: Community Health Hack Linked To Heartbleed OpenSSL Hole

The security firm TrustedSec said in a blog post on Tuesday that a recent hack of the healthcare network Community Health Services was the result of an attack on the so-called “Heartbleed” vulnerability in OpenSSL. According to TrustedSec, attackers targeted vulnerable VPN (virtual private network) software from Juniper networks in a breach that affected an estimated 4.5 million patients. TrustedSec cited a “trusted and anonymous source close to the CHS investigation” in its blog post. It said attackers were able to glean user credentials from memory on a CHS Juniper device by exploiting the Heartbleed vulnerability. Those credentials were used to login via the VPN to CHS’s network, then move laterally to the servers containing the patient data. [Read more Security Ledger coverage of the Heartbleed vulnerability here.] A separate report by Bloomberg attributed the attack to hackers in China, though it did not provide any evidence linking the attackers to a specific Chinese […]

Continue Reading

Report: Android Shield Adds Invisible Encryption To Mobile Apps

Wired reports on a team from Georgia Tech that has designed software that acts as an overlay on Android smartphones’ communication applications, encrypting communications to and from those apps, while mimicking their user interface. The researchers describe the technology as a “transparent window” over apps that prevents unencrypted messages from leaving the user’s device. “The window acts as a proxy between the user and the app. But the beauty of it is that users feel like they’re interacting with the original app without much, if any, change,” says Wenke Lee, the Georgia Tech professor who led the developers. “Our goal is to make security that’s as easy as air. You just breathe and don’t even think about it.” The researchers call their prototype Mimesis Aegis, or M-Aegis, Latin for “mimicry shield.” They plan to present their research at the Usenix Security conference this week. Read more via Wired: This Android Shield Could […]

Continue Reading

Was An IPMI Flaw Behind 300Gbps DDoS Attack? – ComputerworldUK.com

Computerworld UK has an interesting story that digs into a massive, 300 Gbps DDoS attack that used a flaw in the IPMI protocol to compromise 100,000 unpatched servers, which were then used to send junk traffic to the victim site. The attack was documented by the security firm VeriSign in its quarterly threat report. The flaw, in the Intelligent Platform Management Interface (IPMI) is a well-documented security hole that affects a wide range of devices. The attack in question took place in June and targeted what Verisign described as a content delivery network (CDN) in the media and entertainment sector. The attack combined a variety of techniques, including SYN, TCP and UDP protocols to flood a target data center. The attacks reached a peak traffic volume 300 Gbps and lasted more than a day, prompting Verisign to balance the load across its global network. Verisign attributed the massive volume of the attack to a botnet made up […]

Continue Reading

Report: Hospital network hacked, 4.5 million records stolen

News today that Community Health Systems, a national hospital network that  operates 206 hospitals across the United States, was the victim of a cyber attack that resulted in the theft of 4.5 million patients. According to CNN Money, hackers gained access to patient names, Social Security numbers, physical addresses, birthdays and telephone numbers. The breach affects anyone  who received treatment from a physician’s office tied to a Community Health Systems network-owned hospital in the last five years. The FBI is investigating the breach. Community Health Systems’ hospitals operate in 28 states but have their most significant presence in Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee and Texas. Help Net Security has a panel of experts comment. The consensus is that the healthcare sector is more in the cross hairs for sophisticated attacks that are intended to steal personal information that can be used for identity theft scams. Read more over at CNN Money: Hospital network hacked, 4.5 million […]

Continue Reading

Report: Symantec on Threats to Virtual Environments

The folks over at SANS Internet Storm Center are pointing to a new study by Symantec that warns of threats posed by malicious code to virtual environments and warns that threats such as that the network traffic within virtual containers may not be monitored by services such as IDS or DLP. The paper covers how malware behaves in virtual environments. Specifically, the report examines W32.Crisis, a malicious program that is known to target virtual environments. The Crisis malware doesn’t exploit any specific vulnerability, SANS notes. Rather: it takes advantage of how the virtual machines are stored in the host system to manipulate that environment for malicious purposes while escaping detection. via InfoSec Handlers Diary Blog – Threats to virtual environments.

Continue Reading
1 241 242 243 244 245 320