Robert Lemos

Community Health Systems announced Aug. 18 that hackers had breached its health care network of 206 facilities and stolen sensitive information on approximately 4.5 million patients. The compromise and subsequent data loss is part of a general trend in the sector. The health care industry has given short shrift to IT security, spending less on […]

Groups of attackers have targeted activists on both sides of the Syrian civil war with a new malware campaign that, while not particularly sophisticated, has grown to compromise more than 10,000 systems, according to researchers from Kaspersky Labs, which analyzed more than 100 files used by group. The attackers have sent messages through social networks, […]

Companies with lax security procedures can become a breeding ground for malware, with infection rates reaching 18.5 percent, according to network-security firm Damballa. Organizations that allow contractors and third parties to access their network do not restrict mobile devices and allow users to have administrative rights on their systems suffer much higher rates of malware […]

A digital thief used insider access to a Canadian Internet service provider’s network to hijack the efforts of at least 51 cryptocurrency mining groups and stole the payouts from individual miners who participated in the pools, according to a report by managed security service Dell Secureworks. The attack, which started with initial tests in early […]

LAS VEGAS—Over the past five years, antivirus firms and malware-analysis startups have created automated systems for identifying and categorizing malware. Yet, such closed systems frequently fail to detect the newest malware and rarely allow security researchers to peek at the results. At the Black Hat security conference on Aug. 7 here, a group of researchers […]

LAS VEGAS—The leak of secret U.S. documents describing the expansion of the government’s Terrorist Screening Database has reopened the debate over whether whistleblowers should be prosecuted and how agencies and companies can prevent leaks of sensitive information. At the Black Hat security conference here, noted security expert Mikko Hypponen argued that many breaches—Edward Snowden’s leaks […]

A Russian cyber-criminal group compromised more than 400,000 servers and Websites using a common class of software flaw, known as a SQL injection vulnerability, to steal more than 1.2 billion usernames and passwords, according to Hold Security, which found the cache of credentials online. The group, dubbed “CyberVors” by the security firm, initially bought a […]

LAS VEGAS—When security teams patch software vulnerabilities in their systems, they too often focus on the wrong issues, patching the holes that are easiest to fix rather than fixing the flaws that are most likely to be the focus of attackers. To help companies improve their handling of software flaws, vulnerability management firm Core Security […]

For the second time in two years, mobile-security firm Bluebox Security announced a serious vulnerability in the Android operating system that could allow a malicious application to gain higher privileges and take control of devices. It’s the latest serious flaw in the Android operating system, which is, by far, the operating system most targeted by […]

In December, Australian teenager Joshua Rogers reported a vulnerability in a regional public-transportation site that could have exposed the information of roughly 600,000 Australian citizens. Instead of working with the 16-year-old bug hunter, the government agency responsible for the site, Public Transport Victoria, contacted the police. Such contentious relations between software developers and vulnerability researchers […]

Su Bin, a Chinese national accused of hacking into the network of defense contractor Boeing, was denied bail during a preliminary hearing in British Columbia Supreme Court on July 23, according to media reports. Canadian authorities arrested Su, the 48-year-old owner of Beijing-based Lode Technologies, on June 28 in response to a criminal complaint filed […]

The Electronic Frontier Foundation announced on July 20 a programming effort to create a secure, private way for people to share their wireless routers, allowing others to use their bandwidth without compromising their network security. The project, dubbed the Open Wireless Router, aims to give home users and businesses the ability to assign a portion […]