Archive for the ‘computer security software’ category

Hackers demand ransom to open disabled door locks

February 12th, 2017

Austria’s four-star, 111-year-old Romantik Seehotel Jagerwirt mentioned that its internal systems were recently breached. Hackers disabled both the hotel’s electronic door locks and the reservation system. The attack against the facility means that the new keys couldn’t be created and also reservations couldn’t be checked or confirmed.

Hotel has to pay 2 Bitcoins (almost $2,000) to get control of the systems back to the hotel.

“The house was totally booked with 180 guests, we had no other choice,” hotel managing director Christoph Brandstaetter told The Local. “Neither police nor insurance help you in this case.”

This was the third cyber attack for the hotel, Brandstaetter said.  It also faced fourth attack as new computers were placed along with new security standards.

“The restoration of our system after the first attack in summer has cost us several thousand Euros,” Brandstaetter said. “We did not get any money from the insurance so far because none of those to blame could be found.”

“We are planning at the next room refurbishment for old-fashioned door locks with real keys,” he said. “Just like 111 years ago at the time of our great-grandfathers.”

As per the recent research survey of nearly 1,000 enterprise IT buyers, half believe that the security is crucial.  Still many are moving towards IOT. Around 90 percent of enterprises plan to increase IoT spending. The research showed that the IoT-related spending will increase by 33 percent.

Other finding include:

Fifty four percent said a lack of trained IoT staff is not an issue for their organizations.

Forty six percent said they’re having difficulty filling IoT-related positions.

“When it comes to IoT adoption, pragmatism rules,” 451 Research director Laura DiDio said in a statement. “The survey data indicates enterprises currently use IoT for practical technology purposes that have an immediate and tangible impact on daily operational business efficiencies, economies of scale and increasing the revenue stream.”

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.

Funding for bug bounty vendor

February 9th, 2017

As per the recent news, one can make money in the rewarding business of security researchers for finding security vulnerabilities. HackerOne published that they have raised a $40M Series C round of funding. Total funding received till date for the San Francisco based company is $74 Million.

Dragoneer Investment Group led new round of funding. It will be used to help HackerOne grow its business.

“HackerOne is at the forefront of the burgeoning bug bounty movement,” Marc Stad, Founder and Managing Partner of Dragoneer Investment Group, said in a statement. “It is borderline silly for a company not to utilize a bug bounty platform given the immediate reduction in security vulnerabilities and the relatively low price point compared to other security options.”

Rice, co-founder and CTO of HackerOne in the video interview mentioned the statistics of business growth. Also, discussed the bugs found by HackerOne’s community of researchers.

Hacking the pentagon program was one of the major successes of HackerOne. The results were positive. It has 1,400 security researchers participating in the program. It also discovered 138 serious vulnerabilities which were fixed quickly. Also, the U.S. Department of Defense also got involved in the program.

HackerOne faces competition from bug bounty vendor Bugcrowd. The rival has raised $24 million in funding to date which includes $15 million Series B round.

“When I started the company in 2013, I spent most of my time explaining what a bug bounty was to people,”Bugcrowd founder and CEO Casey Ellis said. “I don’t have to do that anymore.”

“How we do things today is we prove a concept manually first, apply human intelligence to the problem set and then take the repeatable learnings and codify that,” Ellis said.

The market of buy bounty is competitive but there is demand. Rice also mentioned that more bugs have been found by third party bug bounty companies as compared to vendors.

_____________________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Software glitch at TriHealth

January 31st, 2017

TriHealth recently suffered software glitch which replaced the mailing addresses of 1,126 TriHealth patients with an old address. The healthcare organization had the old address on another file. The glitch resulted in sending billing statements and other correspondence to the previous addresses of patients.

“Please be assured that TriHealth takes patient privacy very seriously. The addresses of the affected patients have been corrected in TriHealth’s computer system and the software problem has been fixed. Please accept our sincere apology for any inconvenience this may have caused.”

Facility mentioned that they can’t confirm whether the billing statements was sent to patients current addresses. It is notifying patients of the incident. Incorrect billing statements, advisory letters, and other letters were sent to affected patients between November 15, 2016 and January 12, 2017.

Affected information included patient name, financial charges, payments and adjustments, balance and amount due, and appointment reminders, among other pieces of information. Facility mentioned that no sensitive patient information, such as Social Security numbers or credit card numbers, were affected.

TriHealth mentioned that there is no evidence of information misuse. It has offered a free credit report annually. It has now resolved the software problem.

About TriHealth

“Bethesda and Good Samaritan Hospital joined together to form TriHealth in 1995, bringing together two of Cincinnati’s finest health care organizations. Through these two acute care hospitals and more than 130 sites of care, TriHealth provides a wide range of clinical, educational, preventive and social programs. TriHealth’s non-hospital services include physician practice management, fitness centers and fitness center management, occupational health centers, home health and hospice care.”

According to a study conducted most of data breaches are the result of human mistakes and system problems.

“While external attackers and their evolving methods pose a great threat to companies, the dangers associated with the insider threat can be equally destructive and insidious,” says Larry Ponemon, chairman and founder of security research think tank the Ponemon Institute.

____________________________________________________________________________________________

 Alertsec helps you comply with HIPAA, PCI and SOX requirements.

Ransomware attacks

January 13th, 2017

The Susan M. Hughes Center recently announced a data breach due to ransomware attack on its computer system. The incident has potentially affected patients. Facility has immediately launched an investigation. Also, they have reset all passwords and removed the infected server from the system.

A Forensic firm is employed for investigation. It determined that an unknown person accessed server files. The affected information included patient names, telephone numbers, dates of service, types of service or treatment, and amounts paid.

Facility mentioned that there is no evidence of misuse of patient information. Also, sensitive PHI including Social Security numbers or account numbers have not been accessed.

The Hughes Center has started mailing advisory letters to potentially impacted patients. Also, the facility established a call center to answer queries.

“We regret any inconvenience or concern this may have caused our patients. To help prevent something like this from happening in the future we are working with a security firm to enhance the security of our systems.”

Another ransomeware attack involves Summit Reinsurance Services, Inc. who alerted Alliant Health Plans, Inc. of a ransomware attack on its servers.  The affected server contained patient data of more than 1,000 Alliant members.  Facility mentioned that the investigation didn’t provided any evidence of data misuse. Also, Alliant mentioned that its members are at very low risk of data breach consequences.

Affected information included Social Security numbers, health insurance information, and claim-focused medical records.

Summit is updating its policies, procedures and protections for member information to minimise the damage.It also working on other precautionary measures to prevent further incident. Alliant will be continuing encryption to prevent foreign access of sensitive information.

Summit is notifying the affected individuals and also offering one year of identity theft protection to potentially impacted Alliant members.

“As always, Alliant and Summit recommend taking steps to prevent identity theft by monitoring your credit reports for any unusual activity.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Data breach investigation and deadlines

December 29th, 2016

Balabit survey recently conducted a survey of more than 100 IT companies and security professionals. It has following observations:

Seventy-five percent fix time limit for investigation of potential data security incidents

Forty-four percent said that they missed internal or external deadlines of data breach investigation or reporting

Seven percent of respondents mentioned that they faced serious consequences due to missed deadline

“The Balabit survey identified that the primary reason for not being able to investigate data breaches in time is that organizations still do not understand their own data,” Balabit product manager Peter Gyongyosi said in a statement. “It is difficult for them to extract the necessary information from unstructured data with their existing tools and they lack the contextual information that would help transform this data into valuable, actionable information.”

Survey also found out that thirty percent need not report to external authorities about the progress

Seventy percent are required to report to external authorities but only twenty-five percent has set time limit

“Data and information are two different things entirely,” Prevalent director of product management Jeff Hill said. “The former is easy to collect; extracting the latter from it is much easier said than done.”

“The results of the Balabit survey are likely to surprise few in the cyber security community,” Hill added. “Investigating breaches is tedious, requires specific expertise, is increasingly difficult as attack vectors become more sophisticated, and is usually undertaken in a highly stressful and pressure-filled environment. Current techniques often require the painstaking parsing of millions of logs and identifying subtle changes in behavior.”

“CEOs are underestimating their companies’ cyber vulnerabilities,” RedSeal chairman and CEO Ray Rothrock said in a statement. “Their confidence does not square with what we observe. Cyber attacks are up and financial losses associated with these attacks are increasing dramatically.”

 ___________________________________________________________________________________

Alertsecs cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Email data breach

December 26th, 2016

A phishing email attack on the County of Los Angeles has led to data breach. The incident has affected thousands of individuals. County officials has implemented strict security measures. According to the reports, approximately 100 County employees received credible looking email from the hacker. They provided their usernames and passwords to them.

Some of the employee accounts contained confidential client/patient information. Arrest warrant is issued by the District Attorney Office’s Cyber Investigation Response for Austin Kelvin Onaghinor of Nigeria. The person is charged with nine counts which includes unauthorized computer access and identity theft.

Forensic examination was conducted by county. It also released a statement mentioning that “756,00 individuals were potentially impacted through their contact with the following departments: Assessor, Chief Executive Office, Children and Family Services, Child Support Services, Health Services, Human Resources, Internal Services, Mental Health, Probation, Public Health, Public Library, Public Social Services, and Public Works.”

County also believes that,“there is no evidence that confidential information from any members of the public has been released because of the breach.”

Facility is offering one-year identity monitoring for affected individuals which includes credit monitoring, identity consultation, and identity restoration. During the investigation, county didn’t send notice to affected individuals as instructed by law enforcement.

As per the statement, “We encourage you to remain vigilant against incidents of identity theft and fraud, to review your account statements, and to monitor your credit reports and explanation of benefits forms for suspicious activity. Under U.S. law, you are entitled to one free credit report annually from each of the three major credit reporting bureaus.”

County also mentioned that the minors under the age of eighteen are enrolled in identity consultation and identity restoration services. It has set up call center to address concerns related to potentially affected minors.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

One billion Yahoo accounts exposed

December 21st, 2016

Yahoo recently announced that the data breach exposed data associated with more than one million user accounts. It later said that the breach involves around 500 million user accounts. Affected information includes names, email addresses, phone numbers, birthdates, hashed passwords and security questions and answers.

Data Breach Incident

As per the Yahoo statement, ”The company has not been able to identify the intrusion associated with this theft.”

Yahoo has advised users to change their passwords. Also, security questions and answers need to be changed.

“Separately, Yahoo previously disclosed that its outside forensic experts were investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password,” the company stated. “Based on the ongoing investigation, the company believes an unauthorized third party accessed the company’s proprietary code to learn how to forge cookies.”

Yahoo mentioned that there is involvement of certain state-sponsored actor.

“Considering the insufficient security measures that were previously reported to be implemented by the last investigation of 500 million stolen accounts, it’s clear that the defense strategy Yahoo used was not keeping up with the times,” Nathan Wenzler, principal security architect at AsTech Consulting said. He also added that large organization is not always secure.

“Users should always be vigilant and change their credentials on a regular basis, even when used on the websites of very well established and reputable companies,” he said.

“Organizations of all sizes should be taking note of these breaches and use this as a good opportunity to review their own security posture to ensure that outdated and weak security measures aren’t being used,” Wenzler added. “Something like the MD5 hashing that Yahoo was using to protect account information hasn’t been considered a viable security protocol in several years, and is easily cracked.”

“At this time anyone who touched Yahoo needs to do some serious housekeeping on all their systems, all of their passwords and all of their accounts to make sure there is no cross contamination.” Acalvio chief security architect Chris Roberts mentioned in the email.

____________________________________________________________________________________________

Alertsec Endpoint Encrypt is the full disk encryption service that also delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Ransomware attack

December 18th, 2016

Dr. Melissa D. Selke based in New Jersey recently announced a data breach. Facility website posted a data breach notification letter. The incident may have affected several thousand patients.

Selke found out that her system had been infected with a virus that prohibited access to patient files. The system was restored immediately. After investigation, the possibility of ransomware attack was analyzed. An unauthorized third party introduced the virus onto her system.

Melissa D. Selke, MD, has practiced privately in the area of Hillsborough and Somerset, New Jersey.  Her total experience of the practice is 15 years. She is board certified in Family Medicine.

Dr. Selke has following education qualification –

BA in behavioral biology with honors at the Johns Hopkins University in Baltimore, Maryland

MD at Baylor College of Medicine in Houston, Texas. After graduating

Residency in Family Medicine at Spartanburg Regional Medical Center in Spartanburg, South Carolina.

Affected information in this incident includes patients’ names, addresses, phone numbers, Social Security numbers, treatment and diagnosis information, driver’s license information, health insurance information, treating physician information, medical record number, and treatment date(s).

Dr. Melissa mentioned in her letter that the third-party “viewed or took patient information stored on the server.”

“We take this incident, and patient privacy, very seriously,” Selke said in a statement. “We are taking steps to help prevent another incident of this kind from happening, and continue to review our processes, policies, and procedures that address data privacy.”

As per the OCR data breach reporting tool, incident has affected approximately 4,200 individuals.

While no protection services were offered, Selke encouraged affected individuals “to remain vigilant against incidents of identity theft and fraud.” Individuals should regularly review their financial account statements, credit reports, and explanations of benefits for suspicious activity, the notification letter said.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Data breach at Quest Diagnostics

December 15th, 2016

Quest Diagnostics recently suffered data breach which may have involved the information of 34,000 patients. According to the reports,  an unauthorized third party got access of the MyQuest Care360® internet application.

Quest Diagnostics is a global company with headquarters in the U.S. It has operations in India, Ireland, and Mexico. Customers from more than 130 countries use its products and services. Facility also has collaboration with many international diagnostic laboratories, clinics and hospitals.

In United States, facility provides clinical testing services through a national network of laboratories. It is located in major metropolitan areas. In India, it provides a range of products and services to physicians, hospitals, life insurance companies and pharmaceutical/biotech companies through the state-of-the-art laboratory facility in Gurgaon.

In the data breach, Social Security numbers, credit card information, and insurance or other financial information are safe. Affected information included name, date of birth, lab results, and telephone numbers for few.

“When the intrusion was discovered, we immediately took steps to stop any further unauthorized activity,” read the letter, which was signed by Quest Executive Director of Compliance Operations & Privacy Office Carl A. Landorno. “We are taking steps to prevent similar incidents from happening in the future, and are working with a leading cybersecurity firm to assist with our investigation and to further evaluate our systems. We have also reported the incident to federal law enforcement authorities.”

Quest believes that there is no indication that the PHI has been misused in any way. It also mentioned that there is no need for potentially affected individuals to take additional steps to protect themselves from the breach.

“We sincerely apologize for this breach of your information. We have established a dedicated toll free number for you to call if you have any questions regarding this incident.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Ambucor data breach

December 13th, 2016

As per the report, a former Ambucor employee reportedly downloaded certain information without proper authorization.

“Ambucor has been working with federal law enforcement concerning this incident and has been cooperating fully in the ongoing investigation. As a result of those ongoing efforts, federal law enforcement authorities recently provided Ambucor with two thumb drives that this former employee turned over to them after his departure from Ambucor.”

Potentially affected information included patients’ first and last name, phone number, diagnosis, medications, date of birth, race, home address, testing data (i.e., type of test, test results, date of test and whether testing was monthly or not), patient identification number, medical device information (i.e., manufacturer, identification number, and model/serial numbers), Ambucor enrollment number, Ambucor enrollment date, Ambucor technician name, physician name(s), and the name and address of the practice where the patient was seen.

Ambucor believes that there is no indication that the information has been misused.  One year of complimentary identity protection services is offered by the facility. As per the OCR reporting tool, incident  affected 1,878 individuals.

Earlier Ambucor breach has affected at least two other healthcare providers which includes Wentworth-Douglass Hospital (WDH) and Greenville Health System (GHS).

As per the statement on the website, affected individuals are advised to take below steps:

Billing statement reviewing

Suspicious activity should be reported to the concerned authorities

Obtain copies of medical files and see for any inaccuracy. Contact each doctor, clinic, hospital, pharmacy, laboratory, and location where unauthorized individual may have used your information.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.