What you need to know for your personal cyber security life…
Number Eightteen in a series of semi-regular daily current and topical computer threats that may affect your online, or even offline, digital and real life. Why cyber-security on SurvivalRing? Because EVERYTHING you do in your life everyday now is a part of the cyber world…even your offline plans. So, be aware, and pay attention. The bad guys WILL eventually get around to YOU…personally…so be prepared for it, by staying in the loop.
# # #
Bitcoin Exchange Mt. Gox Goes Offline Amid Allegation s of $350 Million Hack
http://www.wired.com/wiredenterprise/2014/02/bitcoins-mt-gox-implodes/
- BY ROBERT MCMILLAN
- Enterprise
- Wired.com
- 02.24.14
Mt. Gox, once the world’s largest bitcoin exchange, has gone offline, apparently after losing hundreds of millions of dollars due to a years-long hacking effort that went unnoticed by the company.
The hacking attack is detailed in a leaked “crisis strategy draft” plan, apparently created by Gox and published Monday by Ryan Selkis, a bitcoin entrepreneur and blogger (see below). According to the document, the exchange is insolvent after losing 744,408 bitcoins — worth about $350 million at Monday’s trading prices. The plan paints a bleak picture of the exchange’s finances and outlines an arbitrage scheme to restore the exchange to solvency. “The reality is that Mt. Gox can go bankrupt at any moment, and certainly deserves to as a company,” the document states.
WIRED couldn’t confirm the authenticity of the document. Reached Monday night, a Gox representative declined to comment on the document and referred us to the company’s webpage, before abruptly hanging up. But the website went offline a few hours after the company suspended trading on its exchange, and if the document is indeed authentic, the situation it described could reverberate across the world of bitcoin and possibly hamper the future of the digital currency.
Bitcoin insiders had been bracing for the worst from Mt. Gox for weeks, but the magnitude of the apparent theft — which would be the largest bitcoin heist ever — and the company’s alleged plan to replenish its stock of bitcoins took even seasoned bitcoiners by surprise. “Gox is the worst-run business in the history of the world,” said Roger Ver, in an instant message interview. Ver is a bitcoin advocate who lives across the street from Mt. Gox’s Tokyo offices and tried to help out the troubled exchange the last time it was hacked, back in 2011.
[…]
# # #
HIMSS14: 10 healthcare data security challenges
http://healthitsecurity.com/2014/02/24/himss14-10-healthcare-data-security-challenges/
- By Mac McMillan
- Health IT Security
- February 24, 2014
This week many of us will head off to the HIMSS14 annual conference in Orlando. For some this will represent a break from this years harsh winter weather, for others a welcome break from the routine and a chance to see what’s new, and for others a chance to look for that thing they have been wanting to add to their program.
I hope it will also be a chance for some to get more familiar with the privacy and security challenges that face this industry and learn from many of the great sessions that will be presented on these topics. Maybe even come by and see David Holtzman and I on Wednesday talk about risk management in the context of the OCR’s audit results and others analysis. To help focus your selection of sessions to attend and things to talk to others about, I decided to provide my list of top 10 security challenges to consider.
1. Insider abuse — Not a popular topic, but none the less a very important one as insider misuse of privileges continues to plague us and contribute to a lot of the lost devices, stolen data, fraud and medical identity theft we experience. There are solutions that help us monitor more closely what insiders are doing.
2. Medical devices — A huge issue and one that HIMSS actually has devoted a preshow workshop to. Medical devices are not secure and present a risk to the networks and the people they are connected to. Providers bear the brunt of this issue because manufacturers don’t have standards and the FDA has been reluctant to regulate them.
[…]
# # #
Ex-Googler s at Shape Security Get $40 Million More To Fund Their War On Bots
- By Andy Greenberg
- Forbes Staff
- Security
- 2/25/2014
Shape security spent more than two years working in secret before officially launching its buzzy web security appliance last month. But at its first public appearance at the RSA security conference this week, the company is coming out of stealth with a bang.
On Tuesday, Shape announced another $40 million round of a venture capital funding led by Norwest Venture Partners. That injection brings its total investment to $66 million after previous investments by Google Ventures, Kleiner Perkins and others, a sizeable war chest for a startup that only recently saw the light of day. The company, founded by ex-Googler Sumit Agarwal and ex-Oakley Network chief executive Derek Smith, sells a pizza-box-sized appliance called a “Shapeshifter” that dynamically alters the code on a customer’s website to confound any automated program that’s attempting to exploit it; The company’s executives call their product the world’s first “botwall.”
Shuman Ghosemajumder, a former Google click fraud czar and now Shape’s VP of strategy, says that the money is intended to help Shape hire a larger salesforce and develop its R&D team to prepare for the inevitable cat-and-mouse game it expects to face with advanced hackers’ automated attacks on customers’ sites. “We need to move faster,” says Ghosemajumder, to “put out a worldwide salesforce, invest in engineering and meet the demand we’ve seen since launch.”
Shape told me last month that it expects “ten-figure” bookings in 2014, and says it’s on track to meet that number. The company current has 60 employees, and plans to double its headcount in the next 12 months.
[…]
# # #
Five outstate Minnesota banks sue Target over data breach
http://www.startribune.com/business/246983121.html
- By: JENNIFER BJORHUS
- Star Tribune
- February 24, 2014
A group of First Farmers & Merchants banks in southern Minnesota have sued Target Corp. over alleged damages from the retailer’s data breach late last year.
While a number of financial institutions from around the country have sued the company since news of the data heist broke, the First Farmer & Merchants lawsuit is believed to be the first by a financial institution on Target’s home turf in Minnesota.
“The way that this has happened, it’s the banks whose exposure is greatest here, ” said Garrett Blanchfield, a lawyer at Reinhardt Wendorf & Blanchfield in St. Paul representing the local banks. “We think the Minnesota laws provide a sound basis for us.”
The complaint doesn’t specify a damage amount but says the banks have had to refund fraudulent charges, close and reopen checking and savings accounts and cancel and re-issue credit and debit cards.
[…]