The developers of third-party security products for Macs are issuing patches after researchers realized their software was not properly interacting with Apple's code-signing API. Without the patch, attackers can craft malicious files capable of bypassing the code-signing process, making it look like their code is legit software approved by Apple.
Mobile and IoT device manufacturers continue to ship products with the Android Debug Bridge feature automatically enabled -- a dangerous default setting that enables potential adversaries to connect to these devices.
Academic researchers say they have invented a transmitter that can secure billions of Internet of Things products by individually scattering each bit of data that a device wirelessly sends out onto different radio frequency channels, thus preventing attackers from intercepting a full packet and manipulating its data.
The San Francisco-based health care facilities operator Dignity Health recently experienced an accidental email breach affecting 55,947 patients, according to a May 31 disclosure form the not-for-profit corporation filed with the U.S. Department of Health and Human Services.
Positive Technologies has elaborated on a critical remote code execution vulnerability its researchers discovered in the web interface of Cisco's Access Control Server (ACS), reporting that the bug can be leveraged to perform man-in-the-middle attacks, steal credentials, access network resources and intercept traffic.
- SSM Health call center agent with access to records allegedly violated patient privacy
- Zomato breach leaves bad taste in mouth of 17 million users
- University of Wisconsin-Madison data breach impacts 1000-plus former law school applicants
- Hacker accesses Michigan State University database in reported extortion attempt
- Stolen laptop exposes PII of over 200K Premier Healthcare patients
- Magnolia Health Corporation suffers breach after falling for spoofed CEO email
- Employees mishandle data, violate HIPAA in Washington State Medicaid breach