Why Hello There,
Welcome to another exciting edition of our weekly security news recap. As usual we got some pretty juicy stories, so I hope you enjoy reading them as much as I enjoy writing about them!
- Our first story is a pretty good one and it comes straight from the blog of Eugene Kaspersky, the founder of the Kaspersky AntiVirus company. This is a post in response to a Bloomberg Business article that made claims about Kaspersky having ties to Russian Intelligence services. The Bloomberg article is fairly full of assumptions, and far-reaching accusations with little proof behind it, and Kaspersky did not appreciate it either and felt the need to respond personally. Very interesting read, I found.
- Read More @ https://eugene.kaspersky.com/2015/03/20/a-practical-guide-to-making-up-a-sensation/
- Next, an interesting look at the FTC investigation of Google’s business practices. Some of the findings seem to indicate that Google was manipulating search results to be more in favor of promoting its own products. I can’t really say this would be a surprised, but it does make you wonder if it could lend Google into some hot water.
- Read More @ http://blogs.wsj.com/digits/2015/03/19/excerpts-from-ftc-staff-report-on-googles-search-practices/
- Another year, another Pwn2Own competition, and as usual hackers came out on top as all major browsers fell. The biggest catch of the day went to a Korean researcher Jung Hoon Lee who earned himself the highest bounty ever awarded at Pwn2own of $110,000. Pretty good paycheck for 2 minutes of work, no?
- Read More @ https://threatpost.com/all-major-browsers-fall-at-pwn2own-day-2/111731
- Next, a story by Naked Security, about a NYPD cop that was arrested for unauthorized access to a number of databases, including one maintained by the FBI in order to gain information on people involved in traffic accidents. He then used this information to contact the victims posing as an attorney, that could help them “settle the case in their favor”.
- Read More @ https://nakedsecurity.sophos.com/2015/03/20/nypd-cop-arrested-for-hacking-into-fbi-traffic-databases
- It looks like two more Health Insurance providers might have been breached. Primera Blue Cross, and LifeWise have both reported to be looking into possible intrusions. Between the two, this could impact about 11 million health records, if true.
- Read More @ http://www.darkreading.com/two-more-health-insurers-report-data-breach/d/d-id/1319511?_mc=sm_dr_editor_kellyjacksonhiggins
- It looks like Target will soon be able to settle it’s class-action lawsuits as a result of the massive breach suffered in 2013. Settlement amount looks to be about 10 million, and anyone that can prove they were affected by the breach could be included in the potential payout. I have to say, I expected the figure to be higher.
- Read More @ http://www.scmagazine.com/target-close-to-settling-class-action-for-10m/article/404469/
- Next, some news on the APT front. Kaspersky has a follow up to their 2014 article on the “Crouching Yeti” APT campaign. The new post brings a number of new details on the aforementioned campaign, and lots of pretty graphs…for those that like that type of thing. Good read as always.
- Read More @ https://securelist.com/blog/research/69293/yeti-still-crouching-in-the-forest/
- Last story of the week is another one on the privacy front. Looks like the Obama administration has set a rather unwanted record for withholding the largest amount of FOIA (Freedom of Information Act) requests.
- Read More @ http://www.scmagazine.com/many-foia-requests-withhold-or-denied/article/404488/