Inside Security - November 8th, 2019

Inside Security (Nov 8th, 2019)

Subscribe | View in browser

1. Remediation efforts at hospitals hit by ransomware or data breaches could worsen outcomes for heart patients, according to a new study by Vanderbilt University. Researchers found that there were as many as 36 additional deaths per 10,000 heart attacks annually at hospitals examined in the study. It took an added 2.7 minutes for patients suffering from a suspected heart attack to receive an electrocardiogram at the affected hospitals. -- KREBS ON SECURITY

2. The Platinum advanced persistent threat (APT) group has added a new backdoor tool that Kaspersky Lab researchers call Titanium after a password to one of the self-executable archives. The Titanium malware hides by imitating common software, such as security, sound driver, and DVD video creation tool software. It includes a sequence of dropping, downloading, and installing stages, deploying a trojan-backdoor as the final stage. The main targets of the Titanium malware are located in South and Southeast Asia. -- SECURELIST

3. Cisco issued security patches this week to fix vulnerabilities in its small business routers, telepresence system, Webex player, and wireless local area network software, which could result in cross-site scripting, elevation of privileges, or arbitrary command execution attacks. The most significant vulnerabilities affect the web-based management interface of the small business routers RV016, RV042, RV042G, and RV082, which could lead to arbitrary command execution or a remote attacker injecting commands into the operating system. -- SECURITY WEEK

4. The U.S. Department of Health and Human Services (HHS) has levied a $1.6 million fine on the Texas Health and Human Services Commission for violations of the Health Insurance Portability and Accountability Act of 1996. An investigation by HHS's Office of Civil Rights (OCR) found that the state agency had exposed electronic protected health information of 6,617 patients when an internal application was moved from a secure private server to a public server in 2015. OCR also found that the agency had failed to conduct a risk analysis and implement access and audit controls of its information systems and applications. -- HHS

5. Major web browser platforms Chrome and Firefox plan to roll out a protocol that encrypts Domain Name System (DNS) traffic called DNS-over-HTTPS (DoH) later this year. By enabling the browser to hide DNS requests and responses in HTTPS traffic, the protocol will help boost user privacy on the internet by hiding users' DNS traffic from third-party network observers. At the same time, internet service providers, network operators, and security vendors do not support the protocol because they argue the DoH protocol does not protect user privacy and causes more problems that it solves. -- ZDNET

6. NVIDIA has released a software update for its GPU Display Driver that plugs security flaws that could result in denial of service, escalation of privileges, or information disclosure. The vulnerabilities affect NVIDIA Windows-based GeForce, Quadro, NVS, Tesla software products, and NVIDIA vGPU software. The most serious vulnerabilities involve the kernel mode layer handler of the Windows GPU Display Driver, which could lead to denial of service or escalation of privilege attacks. -- NVIDIA

7. Trend Micro researchers are warning about a new exploit kit called Capesand that targets vulnerabilities in Adobe Flash and Microsoft Internet Explorer. The Capesand exploit kit reuses open-source code, including exploits, obfuscation, and packing techniques. The exploit kit is part of a fake blockchain malvertising campaign. The researchers found that Capesand looks similar to an old exploit kit known as Demon Hunter. -- TREND MICRO

8. The Newfoundland and Labrador Department of Health said that it recently found out about a missing binder with personal health information on 3,300 people. The binder containing information on patients of the Adult Dental Health Program went missing from the MCP office in Grand Falls-Windsor back in January 2018, but the department was just informed last month. The agency did not say why it took so long for the data breach to be reported. -- CBC

9. Capital One has replaced its chief information security officer, Michael Johnson, following a massive data breach affecting more than 100 million customers. Mike Eason, chief information officer for the company’s commercial banking division, will replace Johnson as interim CISO. Disclosed in July, the breach enabled hackers to steal data on millions of credit card applications between 2005 and 2019. The exposed data included names, addresses, phone numbers, email addresses, dates of birth, income, credit scores, and credit limits. -- TECH CRUNCH

10. The U.S. Department of Justice (DoJ) has charged two former Twitter employees with spying on political dissidents for Saudi Arabia. Ali Alzabarah and Ahmad Abouammo accessed Twitter account data in order to help the Saudi government identify the accounts' users and their locations, according to the DoJ complaint. Alzabarah accessed as many as 6,000 Twitter accounts, and Abouammo accessed 3 accounts, the DoJ alleged. -- THREATPOST

Fred Donovan is a professional writer, editor, and content specialist with decades of experience, most recently in the areas of information technology and cybersecurity. He has written for such publications as, FierceITSecurity, InfoSecurity Magazine, Report on Patient Privacy, TechGenix, and NetDefense. Fred has a B.A. from Harvard University in government and an M.S. in national security from Georgetown University.

Editor: Bobby Cherry is a senior editor at Follow his love of all things Pittsburgh and more on Twitter and Instagram.

Copyright © 2020, All rights reserved.

Our mailing address is:
767 Bryant St. #203
San Francisco, CA 94107

Did someone forward this email to you? Head over to to get your very own free subscription!

You received this email because you subscribed to Inside Security. Click here to unsubscribe from Inside Security list or manage your subscriptions.

Subscribe to Inside Security