Correspondent, Boston
Jim's Feed
Jul 31, 2015

FDA warns of security flaw in Hospira infusion pumps

BOSTON, July 31 (Reuters) – The U.S. Food and Drug
Administration on Friday advised hospitals to stop using Hospira
Inc’s Symbiq infusion system, saying a security
vulnerability could allow cyber attackers to take control of the
system remotely.

The agency issued the advisory some 10 days after the U.S.
Department of Homeland Security warned of the vulnerability in
the pump, which is used to deliver medications directly into the
bloodstream of patients.

Jul 30, 2015

Researcher says can hack GM’s OnStar app, open vehicle, start engine

BOSTON/DETROIT (Reuters) – A researcher is advising drivers to halt the use of a mobile app for General Motors Co’s OnStar vehicle communications system, saying hackers can exploit a security flaw in the product to remotely unlock cars and start engines.

“White-hat” hacker Samy Kamkar posted a video on Thursday saying he had figured out a way to “locate, unlock and remote-start” vehicles by intercepting communications between the OnStar RemoteLink mobile app and the OnStar service.

Mar 23, 2015

Online ad revenue at risk in war on ‘click fraud’

NEW YORK/BOSTON (Reuters) – A growing number of U.S. companies, including MillerCoors and AIG, are stepping up the battle against online ad fraud by demanding proof that their ads have been seen by real people instead of computers hijacked by cybercriminals.

Spurred by a warning in December by the Association of National Advertisers (ANA) that businesses are losing $6.3 billion a year to so-called “click fraud,” these companies now stipulate in advertising contracts that they will only pay for online ads when given proof that humans clicked on them.

Mar 19, 2015

New bugs uncovered in encryption software

BOSTON/FRANKFURT, March 19 (Reuters) – New bugs in the
widely used encryption software known as OpenSSL were disclosed
on Thursday, though experts say do not pose a serious threat
like the “Heartbleed” vulnerability in the same technology that
surfaced a year ago.

“Heartbleed” triggered panic throughout the computer
industry when it was reported in April 2014. That bug forced
dozens of computers, software and networking equipment makers to
issue patches for hundreds of products, and their customers had
to scour data centers to identify vulnerable equipment.

Mar 17, 2015

Premera Blue Cross breached, medical information exposed

BOSTON (Reuters) – Health insurer Premera Blue Cross said on Tuesday it was a victim of a cyberattack that may have exposed medical data and financial information of 11 million customers in the latest case of a healthcare company reporting a serious breach.

It said the attackers may have gained access to claims data, including clinical information, along with banking account numbers, Social Security numbers, birth dates and other data in an attack that began in May 2014 and was uncovered Jan. 29.

Mar 6, 2015

U.S. charges three in ring that stole 1 billion email addresses

WASHINGTON/BOSTON (Reuters) – Two Vietnamese citizens and a Canadian have been charged with running a massive cyber fraud ring that stole 1 billion email addresses, then sent spam offering knockoff software products, the U.S. Department of Justice said on Friday.

Court documents did not identify the email companies that were victimized, though the Justice Department described the hacking spree as “one of the largest” data breaches uncovered in U.S. history.

Mar 6, 2015

Microsoft warns Windows PCs also vulnerable to “Freak” attacks

BOSTON, March 6 (Reuters) – Hundreds of millions of Windows
PC users are vulnerable to attacks exploiting the recently
uncovered “Freak” security vulnerability, which was initially
believed to only threaten mobile devices and Mac computers,
Microsoft Corp warned.

News of the vulnerability surfaced on Tuesday when a group
of nine security experts disclosed that ubiquitous Internet
encryption technology could make devices running Apple Inc’s
iOS and Mac operating systems, along with Google Inc’s
Android browser vulnerable to cyberattacks.

Mar 4, 2015

Senator Bill Nelson calls for federal probe of Lumber Liquidators

March 4 (Reuters) – U.S. Senator Bill Nelson asked three
federal agencies to investigate hardwood flooring retailer
Lumber Liquidators Holdings Inc after a report on “60
Minutes” that some of its wood flooring products had dangerous
levels of formaldehyde.

The company’s shares fell as much as 12 percent to a
two-and-a-half-year low on Wednesday.

Mar 2, 2015

Connecticut launches probe into Lenovo use of Superfish software

March 2 (Reuters) – Connecticut Attorney General George
Jepsen’s office said on Monday it has launched an investigation
into Lenovo Group Ltd’s sales of laptops preloaded
with Superfish software, which the U.S. government last month
warned made users vulnerable to cyberattacks.

The office said that Jepsen last week sent letters to
Lenovo, the world’s biggest personal computer maker, and
privately held software maker Superfish asking them to provide
information, including contracts and emails that discuss their
partnership.

Feb 25, 2015

Hackers controlling millions of PCs targeted in Europol sweep

AMSTERDAM/BOSTON, Feb 25 (Reuters) – A cybercrime ring that
used 3.2 million hacked computers worldwide to steal banking
information by seizing control of servers has been disrupted by
European police and technology companies, officials said on
Wednesday.

Europol’s European Cybercrime Centre coordinated the
operation out of its headquarters in The Hague, targeting the
so-called Ramnit botnet, a network of computers infected with
malware.

    • About Jim

      "Jim works in the Reuters Boston bureau covering cyber security, hacking and technology privacy issues. He’s been with Reuters since 2005. He previously covered technology, media and biotechnology for Broadcasting & Cable, the Orange County Register and Bloomberg News out Tokyo, Taipei, San Francisco, Los Angeles and Santa Ana, California."
      Joined Reuters:
      2005
      Languages:
      English, Mandarin
    • More from Jim

    • Contact Jim

    • Follow Jim