Security lessons from a Mac-only fintech company

Credit to Author: Jonny Evans| Date: Wed, 20 Nov 2019 07:43:00 -0800

Apple remains a highly secure choice for enterprise professionals, but security threats remain and the environment requires sophisticated endpoint management tools, confirmed Build America Mutual (BAM) CTO, David McIntyre.

The Mac only bank

BAM is one of the leading U.S. municipal bond insurers and has insured over $65 billion since launch in 2012. It also has the rare distinction of being a fintech firm that is completely based on Macs.

To read this article in full, please click here

Read more

DDoS-for-Hire Boss Gets 13 Months Jail Time

Credit to Author: BrianKrebs| Date: Wed, 20 Nov 2019 13:05:15 +0000

A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-hire services that launched millions of attacks over several years. This individual’s sentencing comes more than five years after KrebsOnSecurity interviewed both the defendant and his father and urged the latter to take a more active interest in his son’s online activities.

Read more

Ransomware Bites 400 Veterinary Hospitals

Credit to Author: BrianKrebs| Date: Tue, 19 Nov 2019 14:43:18 +0000

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA says it expects to have all facilities fully back up and running normally within the next week.

Read more

Microsoft starts releasing fixes for Access bugs introduced in Office security patches this month

Credit to Author: Woody Leonhard| Date: Tue, 19 Nov 2019 06:09:00 -0800

Although we’ve been promised no “C” or “D” week second cumulative updates for the rest of the year — at least for Windows — Microsoft has acknowledged a bug it created in last week’s Patch Tuesday Office patches, and now promises that it’ll update the bad fixes on most machines this week or next. Those are “C” week and “D” week, respectively.

The cause du jour: a bug in all of this month’s Office security patches that throws an error in Access saying, “Query xxxx is corrupt,” when in fact the query in question is just fine. Microsoft describes the erroneous error message on its Office Support site:

To read this article in full, please click here

Read more

Why Were the Russians So Set Against This Hacker Being Extradited?

Credit to Author: BrianKrebs| Date: Mon, 18 Nov 2019 21:19:10 +0000

The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States. When Israeli authorities turned down requests to send him back to Russia — supposedly to face separate hacking charges there — the Russians then imprisoned an Israeli woman for seven years on trumped-up drug charges in a bid to trade prisoners. That effort failed as well, and Burkov had his first appearance in a U.S. court last week. What follows are some clues that might explain why the Russians are so eager to reclaim this young man.

Read more

Mobile security perceptions don't approach reality. And that's a problem.

Credit to Author: Evan Schuman| Date: Mon, 18 Nov 2019 07:44:00 -0800

In general, security vendors love consumer surveys where consumers say that they would never, ever, ever do business with a retailer or a bank with poor security practices. But consumers have historically been terrible predictors of their own behavior, and they also tend to tell retailers and banks what they want to hear, rather than the truth.

And the truth, based on the public financial filings of plenty of companies that have suffered public data breaches, is that consumers — partially thanks to zero liability programs from the payment card companies — tend to not change retailers or banks when such data breaches happen. Why? Quite a few reasons. First, zero liability sees to it that they don’t lose any money (it actually limits losses to $50, but almost no business enforces that, and they tend to simply eat all of the consumer losses). If consumers lost large amounts of money from breached retailers or banks, yes, they’d flee, but that doesn’t happen.

To read this article in full, please click here

Read more

What you need to know about new data-security rules for business travel

Credit to Author: Mike Elgan| Date: Fri, 15 Nov 2019 07:39:00 -0800

From U.S. Customs agents to cybercriminals, everyone wants to copy the data on your phone and laptop. Here’s how to protect your rights and also avoid industrial espionage.

Read more