by medicaltechont | Jan 17, 2015 | Security
When the Heartbleed vulnerability made headlines last spring, Internet companies went into a frenzy: Creating patches, moving away from OpenSSL, and warning users to reset their passwords.
But while we haven’t heard much about it lately — and many servers have been updated to avoid it — Heartbleed is still very much a problem.
The problem is that OpenSSL is in everything.
“It’s an infrastructure hack, and it’s deep … it puts into question everything that we use on the Internet,” said Sami Nassar, CEO of secure element chip maker NXP.
He calls Heartbleed the death knell for SSL. While some will argue that SSL became obsolete a long time ago, its use is still pervasive. So what’s scary to Nassar is that though the news cycle around Heartbleed ended long ago, the damages are still ravaging on.
Read more at VB News
by medicaltechont | Dec 20, 2014 | Security, Technology
Staples says as many as 1.16 million customer credit cards may have been compromised as part of a malware attack on some of its point-of-sale systems earlier this year. Today the company released some of its findings of an investigation into the attacks, saying that malware was found in 113 of its US stores, and may have affected purchases at those locations made between August 10th, 2014 and September 16th, 2014. Staples added that at two stores, the malicious software could have been running unseen for even longer, dating all the way back to late-July.
http://www.appy-geek.com/Web/ArticleWeb.aspx?regionid=3&articleid=33562847
by medicaltechont | Dec 18, 2014 | Canada, e-Health, eHealth, EHR, Healthcare, Privacy, Security
Ontario’s privacy commissioner has found the Rouge Valley Health System failed to protect patient health information following a review of two separate privacy breaches, which may have affected patients at both Centenary and Ajax-Pickering hospitals.
http://m.durhamregion.com/news-story/5211578-privacy-breaches-at-rouge-valley-hospital-may-have-affected-ajax-pickering-patients/
by medicaltechont | Dec 13, 2014 | Technology
MC Hammer video appears on province’s website after apparent hack.
Read more: http://www.cp24.com/news/mc-hammer-video-appears-on-province-s-website-after-apparent-hack-1.2146245#ixzz3Ln6AgClO
by medicaltechont | Dec 13, 2014 | Technology
X.org, which develops the open-source X Window System for Linux and other Unix-y desktops, has warned security flaws have been discovered in the code – and some of them have been hanging around for 27 years.
The bugs can be exploited by applications to crash the window system, or run malicious code as the root user if the X server is running with those privileges.
The programming blunders were discovered by Ilja van Sprundel, a security researcher at IOActive, and cover how the X Server handles requests from client apps.
Read more.
