Tag: Hit

04
Oct
2020
Posted in software

COVID-19 clinical trials hit as ransomware targets medical software company

Clinical trials into a COVID-19 vaccine as well as research into other diseases have been delayed following a ransomware attack on a company that provides software to medical firms.

First reported Saturday by The New York Times, the attack targeted eResearchTechnology Inc., a Philadelphia-based company that specializes in clinical software. The attack is said to have been detected two weeks ago when employees discovered they were locked out of their data by ransomware.

As a result of the ransomware attack, companies using ERT’s software were also affected. Among those were IQVIA Inc., a research organization helping managing AstraZeneca plc’s coronavirus vaccine trial, and Bristol Myers Squibb Co., a drug company leading a consortium of companies developing a quick COVID-19 test.

Clinical trial patients were not affected, but researchers were forced to resort to pen and paper to track patients.

How many companies and health organizations have been affected is unknown. The Times noted that the software is used in drug trials across Europe, Asia and North America. Three-quarters of trials that led to drug approvals by the U.S. Food and Drug Administration use ERT software, according to the Times.

The form of malware is unknown. ERT ticked the box of regular ransomware responses — taking its systems offline, calling in outside cybersecurity experts and contacting the U.S. Federal Bureau of Investigation.

Attacks on the healthcare system during the COVID-19 pandemic have been growing as ransomware groups attempt to leverage the serious situation to gain payments. “Healthcare is the richest target for hackers, who are never going to let the proverbial crisis go to waste,” Colin Bastable, chief executive officer of security awareness training firm Lucy Security AG, recently told SiliconANGLE. “The pandemic is going to be a big payday for many cybercriminals and state-backed bad actors.”

The most recent ransomware

02
Oct
2020
Posted in technology

Kylie Jenner’s cosmetics company hit in Shopify data breach

  • Kylie Jenner’s cosmetics company confirmed that it was one of the companies affected by the Shopify data breach earlier this month.
  • Two Shopify employees may have exposed customer contact and order details from 200 merchants, Shopify said on September 23.
  • Kylie Cosmetics said it was “deeply disappointed” to learn that the breach affected its customers, but remains “confident” that customers can still use its site.
  • Visit Business Insider’s homepage for more stories.

Kylie Jenner’s makeup company has warned customers that their data — including parts of their credit card numbers — may have been exposed in a Shopify security breach.

Two “rogue” Shopify staff members stole order records and may have exposed customers’ names, email and postal addresses, and order details from less than 200 merchants, the Canadian e-commerce giant said on September 23. Kylie Cosmetics was among those affected, the beauty brand announced on its website.

The breach may have compromised the last four digits of some customers’ credit card numbers, Kylie Cosmetics said in an email first reported by TMZ on September 29 but confirmed that full payment details weren’t accessed.

The cosmetics company, which uses Shopify for its online transactions, said it was “deeply disappointed” to learn that the breach affected its customers.

Kylie Cosmetics launched an investigation into the incident, it said, and was working closely with Shopify to get additional information.

Kylie Cosmetics was working to identify which transactions may have been affected, the company added and said it would inform affected customers.

On September 23, Shopify said there was no evidence that the data had been used, but that it was still in the “early stages” of its investigation. The company was working with the FBI, other international crime agencies, and a digital forensics firm, it said.

The theft wasn’t caused by any “technical

29
Sep
2020
Posted in internet

SpaceX Is Providing Satellite Internet Service to Towns Hit by Wildfires

(Credit: Washington Emergency Management)

Residents in Washington state recovering from the wildfires are remaining online, thanks to SpaceX’s satellite broadband network. 

The company’s Starlink system has been supplying the emergency internet to residents in Malden, a town of about 200 people, where an estimated 80 percent of the homes have been destroyed by the wildfires.

On Monday, Washington’s Emergency Management Department tweeted a photo of a Starlink satellite terminal acting as a public Wi-Fi hotspot. “Malden, WA is an area where fiber and most of the town burned down. Without this equipment, it would have been much harder for folks to get internet in that area,” the department added in a follow-up tweet.  

“SpaceX provided seven terminals for our agency to use for free, where we saw the most need,” the state’s Emergency Management Department told PCMag. Other Starlink terminals are supplying emergency broadband around Bonney Lake, Washington, where some local residents were also forced to evacuate due to the wildfires. 

“The terminals are being used for free public Wi-Fi, but we also used them for incident command vehicles out at the Bonney Lake, WA wildfire,” the department added. “SpaceX has not given us a timetable on when they need the equipment back. They’ve been pretty generous.”

The department declined to answer questions about the speed and latency rates for the emergency internet, and instead told PCMag to ask SpaceX. But according to CNBC, the latency rates have been reaching about 30 milliseconds, which is on par with ground-based internet. 

“I have never set up any tactical satellite equipment that has been as quick to set up, and anywhere near as reliable,” Washington State Military Department’s IT division head Richard Hall told CNBC in an interview. 

SpaceX didn’t immediately respond to a request for comment. But CEO Elon

29
Sep
2020
Posted in website

Wisconsin National Guard coronavirus testing registration website hit by outage Monday

A website for Wisconsinites to sign up for free coronavirus testing by Wisconsin National Guard teams went offline Monday evening.



a group of people standing around each other: Members of the Wisconsin National Guard assist people at a COVID-19 testing facility at UMOS, 2701 S. Chase Ave. in Milwaukee.


© MIKE DE SISTI / MILWAUKEE JOURNAL SENTINEL
Members of the Wisconsin National Guard assist people at a COVID-19 testing facility at UMOS, 2701 S. Chase Ave. in Milwaukee.

Most people waiting in line at five testing sites in the state when the website went down were still tested but some were sent home without getting tested.

Loading...

Load Error

The website — register.covidconnect.wi.gov — allows people to register for testing in advance with their personal information and gives them a QR code to scan at a testing site. They also get an email with their test results rather than a phone call.

Get daily updates on the Packers during the season.

Wisconsin National Guard spokesman Maj. Joseph Trovato said the website outage is likely linked to a much larger Microsoft outage affecting many different web platforms on Monday.

The website was working as Tuesday morning.

The Wisconsin National Guard’s coronavirus testing task force started experiencing issues with the website around 3 p.m. It affected people waiting to get tested at two sites in Milwaukee: UMOS on the city’s south side and Barack Obama School of Career and Technical Education on the north side.

Also affected were test sites at the Waukesha County Expo, University of Wisconsin-Platteville and La Crosse, which is experiencing the nation’s second-highest rate of coronavirus infection by population. A few of the sites closed a little earlier than scheduled.

Trovato said he doesn’t know if anyone was turned away but said people waiting in line at those sites should still have been tested, with their contact information taken manually.

One man said he was in line at 4:30 p.m. at Obama School and did not get tested

29
Sep
2020
Posted in website

Flightradar24 website Hit By Three Suspected DDoS Attacks In 48 Hours Prompting Wild Conspiracy Theories

Someone hiding in the long shadows of the Internet has taken against the world’s most popular flight tracking website, Flightradar24.

The Swedish company hasn’t confirmed it suffered a Distributed Denial of Service (DDoS) attack but that seems the most likely explanation for a series of outages and general instability that affected the site from the early afternoon of September 27 ET.

After subscribers took to forums to muse on odd communication errors and empty maps on the mobile app, the company’s Twitter feed initially put the issue down to “network problems.”

Cue further problems and a flurry of updates over the following 24 hours and suddenly the feed’s explanation turned from gremlins in the data center to something more significant:

“For the third time in two days Flightradar24 is under attack. Our engineers are working to mitigate the attack as quickly as possible and we hope to be back tracking flights soon. We appreciate your patience and apologize for the inconvenience.”

The good news is that by Tuesday, September 29, the site was available again without issues.

DDoS attacks aren’t a surprise – frankly it’d be more of a surprise if a day passed without a large site not experiencing some form of traffic issue – but potentially suffering three in rapid succession large enough to disrupt a popular service always stands out.

For those unfamiliar with the joys of Flightradar24, it is used by its two million fan base across the globe to track 180,000 aircraft movements per day in real time, complete with airspeed, altitude, flight heading, aircraft type, registration number, and airline identifier.

In late 2018, aviation enthusiasts were even able to use it to unmask President Trump’s unscheduled trip to Iraq on call sign Air Force One, after