Month: January 2013

Karen Lopez

Health Data Breaches – Insider Data Trading?

mrdenny |

This was reposted from http://blog.infoadvisors.com/index.php/2013/01/09/health-data-breaches-insider-data-trading/ written by Karen Lopez. They get all the credit for this, not me.

image

It seems like the majority of health data breaches I read about are via insiders with access to patient information systems stealing and selling their data.

Federal authorities say Sergei Kusyakov, who was involved with Metro Chiropractic and Wellness Center and City Lights Medical Center, illegally obtained private information about patients through Dale Munroe II and his wife, Katrina Munroe, who worked at Florida Hospital’s Celebration campus.

Authorities said Dale Munroe accessed more than 763,000 records for patients treated at various Florida

Additional reading can be found at the original author’s post.

Soulskill

NTLM 100% Broken Using Hashes Derived From Captures

mrdenny |

This was reposted from http://rss.slashdot.org/~r/Slashdot/slashdot/~3/-x3fWaDw3LA/story01.htm written by Soulskill. They get all the credit for this, not me.

New submitter uCallHimDrJ0NES writes “Security researcher Mark Gamache has used Moxie Marlinspike’s Cloudcracker to derive hashes from captured NTLM handshakes, resulting in successful pass-the-hash attacks. It’s been going on for a long time, probably, but this is the first time a ‘white hat’ has researched and exposed the how-to details for us all to enjoy. ‘You might think that with all the papers and presentations, no one would be using NTLM…or, God forbid, LM. NTLMv2 has been around for quite some time. Surely, everyone is using it. Right? Wrong! According to the last data from the W3 Schools, 21% of computers are running XP, while NetMarketShare claims it is 39%. Unless someone has hardened these machines (no MS patches do this), these machines are sending LM and NTLM responses!’ Microsoft has posted a little guidance for those who need to turn off NTLM. Have fun explaining your new security project to your management, server admins!”

Additional reading can be found at the original author’s post.

Unknown Lamer

Ruby On Rails SQL Injection Flaw Has Serious Real-Life Consequences

mrdenny |

This was reposted from http://rss.slashdot.org/~r/Slashdot/slashdot/~3/4jJjYcqA-4M/story01.htm written by Unknown Lamer. They get all the credit for this, not me.

vikingpower writes “As a previous Slashdot story already reported, Ruby on Rails was recently reported to suffer from a major SQL injection flaw. This has prompted the Dutch government to take the one and only national site for citizens’ digital identification offline (link in Dutch, Google translation to English). Here is the English-language placeholder page for the now-offline site. This means that 16 million Dutch citizens cannot authenticate themselves anymore with government instances, and that those same government instances can not communicate anything to those same citizens anymore.” Fixes were released, so it looks like it’s on their sysadmin team now.

Additional reading can be found at the original author’s post.

Karen Lopez

An Audible Data Privacy Breach

mrdenny |

This was reposted from Clean Up BlogThisSecurity feed and make it a snipit http://blog.infoadvisors.com/index.php/2013/01/02/an-audible-data-privacy-breach/ written by Karen Lopez. They get all the credit for this, not me.

 

image

RI labor dept. warns of possible privacy breach.

I think about data encryption, physical access controls to servers and such on a regular basis. But there are all kinds of formats via which data gets stored or communicated.  The Rhode Island Department of Labor recently had a data breach involving their call center.  Customers were able to hear conversations on other calls.  The department estimates fewer than 700 pe

Additional reading can be found at the original author’s post.