Showing posts from May, 2015

Weekly Infosec News Brief May 25-31

Insurance Company Sues Healthcare Provider over Cyber-Insurance Payout

Cottage Health System, a California-based healthcare network, settled a class action suit last December stemming from a 2013 breach. Their insurer, Columbia Casualty, initially agreed to pay for the $4.1M settlement, but has now filed its own suit to avoid paying. Columbia alleges that Cottage failed to implement the minimum security measures required under their policy. Does your organization have a cyber insurance policy? Do you know what security controls you are required to implement and maintain in order to comply with the policy?

http://blog.thomsonreuters.com/index.php/cyberpolicy-excludes-coverage-4-million-data-breach-insurer-says/
http://healthitsecurity.com/news/what-happens-when-a-healthcare-cyber-policy-is-broken

"Grabit" Malware Campaign Targeted at Small and Medium Businesses

Kaspersky published details last week on a new malware campaign they have discovered and named "

Very Interesting Visualization of Global Attack Activity

Check out this new map that Check Point has published. It is a representation of live Internet attack activity showing War Games-like graphics. It looks like a missile taking off and exploding on each target. While the graphics are fun in their own way, the reality behind them is very sobering. Very interesting how many attacks are inbound against the US. https://www.threat-cloud.com/ThreatPortal/#/map

Weekly Infosec News Brief 18-24 May

Cyber Security is Now the Top Worry of Most Financial Services Firms

In a recent survey conducted by the Depository Trust & Clearing Corporation, nearly half of financial services firms cited cyber security as their top concern in terms of risks faced by their organization. Eighty percent listed it among their top five risks. Where does your organization rank cyber security among your risks?

http://www.dtcc.com/news/2015/may/13/cyber-security-cited-as-number-one-risk-to-financial-markets.aspx
http://www.scmagazineuk.com/cyber-security-now-the-top-concern-for-financial-services/article/414885/

Many Android Devices Found to Not Fully Delete Data on Factory Reset

The factory reset function on a mobile device is intended to ensure that a device no longer contains any data from the user, but a study published last week by Cambridge University researchers shows that in many cases this does not happen reliably. All of the 21 Android devices tested (various makes and models) reta

Vulnerability in Safari Allows Attackers to Spoof Website Addresses

A security firm has discovered a vulnerability in Apple’s Safari Browser that allows attackers to spoof legitimate websites and phish for user credentials. Security firm Deusen reveals that the flaw works by using a short script to force Safari into loading one page while still displaying the URL of another page. This script is provided below: http://www.tripwire.com/state-of-security/latest-security-news/vulnerability-in-safari-allows-attackers-to-spoof-websites/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+tripwire-state-of-security+%28The+State+of+Security+%7C+Tripwire%2C+Inc.%29

Weekly Infosec News Brief 11-17 May

Microsoft Issues Thirteen Security Bulletins, Three of Them Critical

Last Tuesday was "Patch Tuesday" for the month of May, and Microsoft had a significant number of patches for their products. Three of the patches were rated as "critical," including one for Internet Explorer, one for Windows font drivers that affects both Windows and Office products, and one for the Windows Journal. Even though there are only three critical patches, each patches multiple vulnerabilities (there are over 30 vulnerabilities fixed by these three patches). The MS15-044 bulletin for the font drivers is probably the most critical, as it may allow for remote code execution when any user simply visits a web page or opens a document with a font that exploits the flaw.

https://technet.microsoft.com/en-us/library/security/MS15-MAY
https://technet.microsoft.com/library/security/MS15-044
http://www.symantec.com/connect/blogs/microsoft-patch-tuesday-may-2015

Adobe Announces Critical

Serious virtual machine bug threatens cloud providers

There's an extremely critical bug in the Xen, KVM, and native QEMU virtual machine platforms and appliances that makes it possible for attackers to break out of protected guest environments and take full control of the operating system hosting them, security researchers warned Wednesday. http://arstechnica.com/security/2015/05/extremely-serious-virtual-machine-bug-threatens-cloud-providers-everywhere/

Weekly InfoSec News Brief 4-10 May

With Windows 10, Microsoft Will Move Away From Monthly Patch Cycle

"Patch Tuesday" could be a thing of the past soon, as Microsoft moves to a more rapid patch release model similar to that employed in many mobile operating systems, or in Apple OS X. Businesses that use the Pro and Enterprise OS editions will have additional options to allow for testing and planned deployment of patches.

http://www.computerworld.com/article/2920181/microsoft-windows/patch-tuesday-may-be-dead-but-microsofts-not-confessing-to-the-crime.html
http://www.scmagazine.com/dom-based-xss-attacks-due-to-bug-in-plugins-leveraging-genericons/article/413505/

WordPress 4.2.2 Released to Fix Another Significant New Vulnerability

WordPress announced last week a new version release that addresses a serious cross-site scripting vulnerability in the core WordPress engine. WordPress is an extremely popular website creation and management tool, or content management system. The vulnerability also affects th

Weekly InfoSec News Brief 27 April-03 May

Major WordPress Vulnerability Announced; Updates Available

WordPress, the highly popular web content management system, announced a major vulnerability last Monday. This vulnerability allows an attacker to take over a WordPress website by posting a specially-crafted comment. The new, patched version is 4.2.1. If you're not sure whether you're running WordPress on your website, it's quite possible that you are. If you need help identifying potentially vulnerable software on your servers, Anchor can assist you. A properly-configured web application firewall (WAF) is another recommended means to protect your website, often even against zero-day attacks.

http://arstechnica.com/security/2015/04/27/just-released-wordpress-0day-makes-it-easy-to-hijack-millions-of-websites/
https://wordpress.org/news/2015/04/wordpress-4-2-1/

Email Provider SendGrid Hacked, Customer Credentials Stolen

SendGrid, an email provider used by thousands of companies, has confirmed a major br