Security News for the Week Ending October 11, 2019
Medical Practice Closes After Ransomware Attack
Wood Ranch Medical is closing their doors permanently after a ransomware attack. The attackers not only encrypted the practice’s data, but also its backups.
In April 2019, the Brookside ENT and Hearing Center in Battle Creek also closed after a ransomware attack.
Ransomware attacks are just one reason why businesses should keep at least one backup off-site and off-line. Source: Security Week
Reductor Malware Bypasses Encryption
Kaspersky, the Russian anti-malware vendor that has been banned for use by the US government, reported a new malware attack that bypasses encryption on a user’s PCs using a very novel technique. Rather than crack the crypto, the attack compromises the random number generator on the computer, affecting the crypto algorithm and making the encryption easy to break. Very creative. Source: The Register
vBulletin Developers Release Patches for 3 More High Severity Vulnerabilities
Right after patching the critical vulnerability that took down Comodo, the developers of vBulletin have released even more patches. This time is it a remote code execution (RCE) flaw and two SQL injection (SQLi) attacks. vBulletin runs on at least 100,000 web sites. While these vulnerabilities are not at bad as last week’s, you should patch them soon. Source: The Hacker News.
Feds Hit the Mob with Cyberstalking Charges
A jealous mobster put a GPS tracker on his girlfriend’s car. The mobster, a captain in the Colombo crime family and 20 of his friends were charged with racketeering, loansharking, extortion and, oh yeah, cyberstalking. The story sounds like a Hollywood B movie, but it is, apparently, real. Read the story here.
Colorado Records Another First
In response to the Intelligence Community’s assessment of foreign interference in the 2016 election, reports of attempted interference in 2018 and reports from Defcon that every one of the voting machines that they tried to attack was vulnerable, Colorado Secretary of State Jena Griswold banned counting ballots using printed barcodes. Griswold says that a barcode is not a verifiable paper trail if the voter has no idea what it says. Colorado’s voting machine vendor, Dominion, has agreed to provide a software upgrade for free that will print out darkened circles next to the vote instead. Unfortunately, nothing is perfect and this doesn’t go into effect until after the 2020 election. Now that Dominion has agreed to provide the software upgrade for free,other states will likely follow. Source: CNN .