5th Annual State of Application Security Report (Healthcare) 2016

So should we expect a critical mass of consumers to walk away from organizations because their mobile health apps do not have the level of security protection they expect? Based on these research findings, perhaps. When put to the test, the majority of mobile health apps failed security tests and could easily be hacked. Among Read more about 5th Annual State of Application Security Report (Healthcare) 2016[…]

French say ‘Non, merci’ to encryption backdoors

The French government has rejected an amendment to its forthcoming Digital Republic law that required backdoors in encryption systems. Axelle Lemaire, the Euro nation’s digital affairs minister, shot down the amendment during the committee stage of the forthcoming omnibus digital bill, saying it would be counterproductive and would leave personal data unprotected. “Recent events show Read more about French say ‘Non, merci’ to encryption backdoors[…]

Royal Melbourne hospital runs XP, dives into chaos when virus attacks.

Het virus sloeg als eerste toe op de afdeling pathologie en verspreidde zich razendsnel over het ziekenhuis-netwerk. Hierdoor moesten veel medewerkers een hoop handelingen handmatig uitvoeren. Processen als bloed- en weefselverwerking konden niet meer worden uitgevoerd door de computers en ook de verpleegsters moesten samenwerken met de afdeling die het eten verzorgde om ervoor te Read more about Royal Melbourne hospital runs XP, dives into chaos when virus attacks.[…]

OpenSSH Private Crypto Key Leak Patch

The information leak is exploitable in the default configuration of the OpenSSH client, and (depending on the client’s version, compiler, and operating system) allows a malicious SSH server to steal the client’s private keys,” Qualys said in its advisory. “This information leak may have already been exploited in the wild by sophisticated attackers, and high-profile Read more about OpenSSH Private Crypto Key Leak Patch[…]

FFmpeg allows file ops when it reads a video file

ffmpeg has a vulnerability in the current version that allows the attacker to create a specially crafted video file, downloading which will send files from a user PC to a remote attacker server. The attack does not even require the user to open that file – for example, KDE Dolphin thumbnail generation is enough. Desktop Read more about FFmpeg allows file ops when it reads a video file[…]

Hyatt leaks customer credit card details

The investigation identified signs of unauthorized access to payment card data from cards used onsite at certain Hyatt-managed locations, primarily at restaurants, between August 13, 2015 and December 8, 2015. A small percentage of the at-risk cards were used at spas, golf shops, parking, and a limited number of front desks, or provided to a Read more about Hyatt leaks customer credit card details[…]