Month: March 2016

1,418 Bugs in Medical Devices, Zero Patches
Authentication, Device Security

1,418 Bugs in Medical Devices, Zero Patches

There are vulnerability reports, and there are Vulnerability Reports. The latest and perhaps best entry in the latter category is a disclosure of more than 1,400 vulnerabilities in a variety of medication-supply devices manufactured by CareFusion. The affected devices are CareFusion’s Pyxis SupplyStation systems, automated cabinets that allow medical personnel […]

Apple Case May Cast a Long Shadow
Device Security, Privacy

Apple Case May Cast a Long Shadow

Now that the Department of Justice has withdrawn its lawsuit against Apple in the case concerning the San Bernardino shooter’s iPhone, it’s clear that the legal and media battles of the last month and a half have produced more questions than they’ve answered. Chief among those remaining questions is this: […]

Treasurehunt PoS Malware Hitting Soft Targets
Device Security

Treasurehunt PoS Malware Hitting Soft Targets

Researchers are tracking a new version of some point-of-sale malware that has some of the same memory scraping capabilities as other PoS threats, but appears to have been developed specifically for one attacker and is being used in targeted operations against banks and smaller retailers. The malware is known Treasurehunt […]

By the Numbers: Data Breach Attack Tactics
By the Numbers

By the Numbers: Data Breach Attack Tactics

Data breaches once were rare enough that every one was a big story. Remember ChoicePoint? Now they’re so commonplace that consumers hardly blink when they get a data breach notice or new credit card in the mail. It’s a part of modern life. While these compromises are numbingly frequent, there’s […]

Comey: NAND Mirroring Doesn’t Work
Device Security, Privacy

Comey: NAND Mirroring Doesn’t Work

The FBI director says the prevailing theory about the alternative method the bureau is testing for unlocking the iPhone in the San Bernardino case, a technique called NAND mirroring, “doesn’t work”. Speaking at a press conference Thursday with the United States Attorney General Loretta Lynch regarding the terror attacks in […]