Infosec News

Carries news items (generally from mainstream sources) that relate to security.

Carries news items (generally from mainstream sources) that relate to security.
  1. Posted by InfoSec News on Dec 06

    https://www.healthcareitnews.com/news/7-steps-pass-or-better-yet-avoid-ocr-security-audit

    By Bill Siwicki
    Healthcare IT News
    December 04, 2019

    The U.S. Department Health and Human Services’ Office for Civil Rights is
    responsible for auditing and enforcing compliance with the HIPAA security and
    privacy regulations, as well as the additional rules and clarifications
    contained in HITECH.

    OCR enforces privacy and security rules through...
  2. Posted by InfoSec News on Dec 06

    https://www.theregister.co.uk/2019/12/05/iran_zerocleare_attack/

    By Shaun Nichols in San Francisco
    The Register
    5 Dec 2019

    An Iran-based hacking crew long known to target energy facilities in
    neighboring Middle Eastern countries is believed to be launching new attacks.

    The team at IBM's X-Force said an actively spreading malware package dubbed
    ZeroCleare looks to be in part the work of APT34, a hacking crew commonly
    accepted to be...
  3. Posted by InfoSec News on Dec 06

    https://arstechnica.com/information-technology/2019/12/members-of-evil-corp-the-cybercrime-group-that-lived-in-luxury-are-indicted/

    By Dan Goodin
    Ars Technica
    12/5/2019

    Federal prosecutors have indicted the kingpin of Evil Corp, the name used by a
    cybercrime gang that used the notorious Dridex malware to drain more than $70
    million from bank accounts in the US, UK, and other countries.

    Maksim V. Yakubets, a 32-year-old Russian national who...
  4. Posted by InfoSec News on Dec 06

    http://timesofindia.indiatimes.com/articleshow/72391600.cms

    The Times of India
    December 5, 2019

    PUNE: The prominent jewellery firm, whose 12 bank accounts were hacked in
    November this year, used to operate the accounts with the help of the bank
    app. Police said the fraudsters siphoned off the money by hacking the app
    and changing the password.

    “The security of these 12 accounts was compromised by the hackers. They
    bugged the e-banking...
  5. Posted by InfoSec News on Dec 06

    https://www.nextgov.com/ideas/2019/12/practical-guide-next-steps-pentagons-vendor-cyber-certification-program/161700/

    By Bret C. Cohen
    CEO, Tier 1 Cyber
    December 5, 2019

    With the release of the Defense Department’s Cybersecurity Maturity Model
    Certification 0.6, there are new guidelines that will require defense
    contractors to act now to prepare. Instead of a technical summary of the 90-page
    guidance, here are the steps businesses can take...
  6. Posted by InfoSec News on Dec 06

    https://www.defenseone.com/threats/2019/12/small-contractors-struggle-meet-new-cyber-security-standards-pentagon-finds/161625/

    By Marcus Weisgerber
    Defense One
    December 2, 2019

    Even large companies aren’t doing as well as they think they are, the
    assistant acquisition chief said Monday.

    Small companies are struggling to meet the Pentagon’s newish network
    security rules, and even larger contractors aren’t doing as well as they
    think...
  7. Posted by InfoSec News on Dec 06

    https://www.nytimes.com/2019/12/02/well/live/Dexcom-G6-diabetes-monitor-outage.html

    By Anahad O’Connor
    The New York Times
    December 2, 2019

    For many parents of children with diabetes, the Dexcom G6 continuous glucose
    monitor is a lifesaver. The device tracks their children’s glucose levels and
    sends them an alert when their blood sugar climbs too high or falls too low,
    allowing them to take quick action to correct it.

    But around midnight...
  8. Posted by InfoSec News on Dec 06

    https://www.chicagotribune.com/business/transportation/ct-biz-cta-bus-system-lawsuit-bus-alerts-20191204-hk4aydeo2jah5icvfnj24a4e2a-story.html

    By Mary Wisniewski
    Chicago Tribune
    December 4, 2019

    A former CTA computer programmer has sued the agency, alleging that he was
    forced to resign for pointing out a security flaw in the bus alert system.

    Christopher George Pable, 34, of the Austin neighborhood, filed a whistleblower
    complaint against...
  9. Posted by InfoSec News on Dec 06

    https://www.theregister.co.uk/2019/12/05/atlassian_zero_day_bug/

    By Thomas Claburn in San Francisco
    The Register
    5 Dec 2019

    Updated Twitter security celeb SwiftOnSecurity on Tuesday inadvertently
    disclosed a zero-day vulnerability affecting enterprise software biz Atlassian,
    a flaw that may be echoed in IBM's Aspera software.

    The SwiftOnSecurity Twitter account revealed that Atlassian provided a domain
    that resolved to a local server...
  10. Posted by InfoSec News on Dec 06

    https://www.bloomberg.com/news/features/2019-12-03/merck-cyberattack-s-1-3-billion-question-was-it-an-act-of-war

    By David Voreacos, Katherine Chiglinsky, and Riley Griffin
    Bloomberg Markets
    December 2, 2019

    By the time Deb Dellapena arrived for work at Merck & Co.’s 90-acre campus north
    of Philadelphia, there was a handwritten sign on the door: The computers are
    down.

    It was worse than it seemed. Some employees who were already at their...

logo joomla Open Source CMS   logo Magento Open Source eCommerce     logo Paypal Credit Card Processinglogo Adobe Illustrator & Photoshoplogo Google Analytics & Adwords

Login Form