The Defense Contract Management Agency , the U.S. federal government entity responsible for performing contract administration services for the Department of Defense , is responding to a suspected cybersecurity breach and has pulled a number of its servers offline while the investigation continues, KrebsOnSecurity has learned
Microsoft Pushes Patches for Dozens of Flaws
Microsoft today released nine update bundles to plug at least 55 distinct security vulnerabilities in its Windows operating system and other software.
Anthem Breach May Have Started in April 2014
Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion. The Wall Street Journal reported last week that security experts involved in the ongoing forensics investigation into the breach say the servers and attack tools used in the attack on Anthem bear the hallmark of a state-sponsored Chinese cyber espionage group known by a number of names, including “ Deep Panda ,” “ Axiom ,” Group 72 ,” and the “ Shell_Crew ,” to name but a few. Deep Panda is the name given to this group by security firm CrowdStrike .
Phishers Pounce on Anthem Breach
Phishers and phone fraudsters are capitalizing on public concern over a massive data breach announced this week at health insurance provider Anthem in a bid to steal financial and personal data from consumers.
Citing Tax Fraud Spike, TurboTax Suspends State E-Filings
TurboTax owner Intuit Inc.
China To Blame in Anthem Hack?
Bloomberg reports that U.S. federal investigators probing the theft of 80 million Social Security records and other sensitive data from insurance giant Anthem Inc. are pointing the finger at state-sponsored hackers from China.
Yet Another Flash Patch Fixes Zero-Day Flaw
For the third time in two weeks, Adobe has issued an emergency security update for its Flash Player software to fix a dangerous zero-day vulnerability that hackers already are exploiting to launch drive-by download attacks. The newest update, version 16.0.0.305 , addresses a critical security bug ( CVE-2015-0313 ) present in the version of Flash that Adobe released o n Jan.
Data Breach at Health Insurer Anthem Could Impact Millions
Anthem Inc. , the nation’s second largest health insurer, disclosed Wednesday that hackers had broken into its servers and stolen Social Security numbers and other personal data from all of its business lines. Given the company’s size, this breach could end up impacting tens of millions of Americans.
Hacked Hotel Phones Fueled Bank Phishing Scams
A recent phishing campaign targeting customers of several major U.S. banks was powered by text messages directing recipients to call hacked phone lines at Holiday Inn locations in the south
Banks: Card Thieves Hit White Lodging Again
For the second time in a year, multiple financial institutions are complaining of fraud on customer credit and debit cards that were all recently used at a string of Marriott properties run by hotel franchise firm White Lodging Services Corporation. White Lodging says it is investigating, but that so far it has found no signs of a new breach. In January 31, 2014, this author first reported evidence of a breach at some White Lodging locations