Security Roundup - 2016-02-17

Hackers adapting to address related fraud checks by going after rewards programs. Hack account, buy lots of stuff and send it to account holder, drain their rewards and convert it to items in store.

Bruce Schneier has an updated Encryption Products Survey, a follow up of a similar survey done in 1999.

Given a recent news item about the lack of security in hospital devices, is it really any suprise that a Hollywood Hospital is currently the victim of a ransomware attack? At time of article, the hospital had computer systems shut down for a week, and had to transfer some patients to other locations. Somewhat related, Checkpoint has a nice writeup on the ecosystem of healthcare security.

Microsoft has been using a third party to manage their mobile careers site, and it turns out it was misconfigured and leaked user information.

For those who love CVEs or visualizations of statistical data, here is something that covers both.

Hackers have leaked 17.8 GB of data from the Turkish national police database. According to the article, the culprit had access to systems for ~2 years.

Written on February 17, 2016