MedStar Health Hacked, EHR Down, FBI Investigating

MedStar has been hacked and it looks really ugly. You can find Healthcare Informatics’s story below as well as HERE. The Baltimore Post-Examiner also posted about it HERE. News reports confirmed a cyber-attack on the 10-hospital MedStar Health system that had disabled the organization’s EHR.


SAMSAM: The Doctor Will See You: After He Pays The Ransom

Cisco Talos posted a great article on a new variant of ransomware targeting healthcare. The original post can be found HERE.

Cisco Talos is currently observing a widespread campaign leveraging the Samas/Samsam/MSIL.B/C ransomware variant. Unlike most ransomware, SamSam is not launched via user-focused attack vectors, such as phishing campaigns and exploit kits. This particular family seems to be distributed via compromising servers and using them as a foothold to move laterally through the network to compromise additional machines which are then held for ransom. A particular focus appears to have been placed on the healthcare industry.


Anonymous Threatens Denver Over Homeless Camp Cleanup

Anonymous posted a warning video to Denver regarding its recent homeless camp cleanup law. Anonymous pointed out many reasons why this new law is a violation of human rights and stated that they would prefer a peaceful resolution. However, they claim “Expect Us”, so actions will most likely be taken against Denver officials if nothing is done about this threat. This post contains the Anonymous video and the CBS article on this topic, found HERE.


Exploit Kits 101 – How A Typical Exploit Kit Functions

An exploit kit is a collection of redirection pages, landing pages, exploits and payloads designed to automatically infect users for a revenue stream. Exploit kits typically do not use targeted attacks, meaning they try to get any vulnerable system on the internet to access their website, and they usually deliver ransomware. Examples of exploit kits are Kaixin / Gongda, Neutrino, Nuclear, RIG and Angler. Looking at Angler, it can exploit 9,000 systems on any given day and successfully compromise 5,400 of those systems. In terms of dollars, this can mean around $30 million per year from the delivered ransomware. This post will cover what's involved with exploit kits, including what can be done to protect your system from being exploited.


FBI threatens to Force Apple to Hand Over iOS Source Code

The Hacker News posted about how the FBI is threatening to force Apple to hand over its iOS source code, i.e. giving the FBI a backdoor. This could be bad for two reasons: one, it violates the privacy of Apple product users, and two, it could lead to some very bad attacks if such a backdoor is discovered by malicious users. The original post can be found HERE.

The Department of Justice (DoJ) has warned Apple that it may force the tech giant to hand over the source code to the complete operating system if it does not help the Federal Bureau of Investigation (FBI) unlock the San Bernardino shooter’s iPhone.


Microsoft Patch Tuesday March 2016 + Associated Snort Rules

Talos, Cisco’s security research division, posted their thoughts on the latest Microsoft Patch Tuesday release along with associated Snort rules to protect systems from exploitation of the associated vulnerabilities. The original post can be found HERE.

Patch Tuesday for March 2016 has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains 13 bulletins addressing 44 vulnerabilities. Five bulletins are rated critical and address vulnerabilities in Edge, Graphic Fonts, Internet Explorer, Windows Media Player, and Windows PDF. The remaining eight bulletins are rated important and address vulnerabilities in .NET, Office, and several other Windows components.

Bulletins Rated Critical

Microsoft bulletins MS16-023, MS16-024, and MS16-026 through MS16-028 are rated as critical in this month’s release.


Apple Shut Down First Fully-Functional Mac OS X Ransomware

KeRanger is the first Mac-based ransomware. This goes to show that attackers are targeting Apple, which should be expected as Mac gains market share. The interesting aspect is how the ransomware leveraged a valid Mac app development certificate, which has been revoked by Apple. Here is a post by TechCrunch on this story. The original posting can be found HERE.
