BOSTON, Oct 22 (Reuters) – The U.S. Department of Homeland
Security is investigating about two dozen cases of suspected
cybersecurity flaws in medical devices and hospital equipment
that officials fear could be exploited by hackers, a senior
official at the agency told Reuters.
The products under review by the agency’s Industrial Control
Systems Cyber Emergency Response Team, or ICS-CERT, include an
infusion pump from Hospira Inc and implantable heart
devices from Medtronic Inc and St Jude Medical Inc
, according to other people familiar with the cases, who
asked not to be identified because the probes are confidential.
BOSTON/BEIJING, Oct 21 (Reuters) – Apple Inc’s
iCloud storage service in China was attacked by hackers trying
to steal user credentials, a Chinese web monitoring group said,
adding that it believes the Beijing government is behind the
Using what is called a “man-in-the-middle” (MITM) attack,
the hackers interposed their own website between users and
Apple’s iCloud server, intercepting data and potentially gaining
access to passwords, iMessages, photos and contacts,
Greatfire.org wrote in its blog post.
Props to Southwest for pulling connecting passengers off flight and making other arrangements NOW. Old fashioned customer service.
Here is the ‘Poodle’ security advisory on new web security threat involving SSL 3.0: https://t.co/Vzvw53TzWZ
BOSTON, Oct 14 (Reuters) – Three Google Inc
researchers have uncovered a security bug in widely used web
encryption technology that they say could allow hackers to take
over accounts for email, banking and other services in what they
have dubbed a “Poodle” attack.
The discovery of “Poodle,” which stands for Padding Oracle
On Downloaded Legacy Encryption, prompted makers of web browsers
and server software to advise users on Tuesday to disable use of
the source of the security bug: an 18-year old encryption
standard known as SSL 3.0.
BOSTON (Reuters) – Russian hackers exploited a bug in Microsoft Windows and other software to spy on computers used by NATO, the European Union, Ukraine and companies in the energy and telecommunications sectors, according to cyber intelligence firm iSight Partners.
ISight said it did not know what data had been found by the hackers, though it suspected they were seeking information on the Ukraine crisis, as well as diplomatic, energy and telecom issues, based on the targets and the contents of phishing emails used to infect computers with tainted files.
By Jim Finkle and Yashaswini Swamynathan
(Reuters) – Retailer Sears Holdings Corp said the payment data systems at its Kmart stores had been compromised, the latest in a series of computer security breaches to hit U.S. companies in recent months.
The U.S. Secret Service confirmed it was investigating the breach, which occurred in September and compromised the systems of Kmart, which has about 1,200 stores across the United States. The breach did not affect the Sears department store chain.