The confidential medical information of more than 400 patients has been found in an abandoned aged care facility that was operated by the New South Wales government, the ABC has reported. The facility was once the Garrawarra Centre for Aged Care in Helensburgh, 45km south of Sydney, which according to the ABC is operating a 120-bed dementia-specific facility nearby. It is believed the documents, containing pain and incontinence charts, social worker reports, doctors’ referrals, hospital admission forms, a photo album, and an internal memo regarding a complaint from a daughter who was not notified when her father died, were left on the floor of the derelict building.
Microsoft has fixed a vulnerability in the Edge browser that could be abused against older versions to steal local files from a user’s computer. The good news is that social engineering is involved in exploiting the flaw, meaning the attack cannot be automated at scale, and, hence, present a smaller level of danger to end users. Discovered by Netsparker security researcher Ziyahan Albeniz, the vulnerability involves the Same-Origin Policy (SOP) security feature that all browser support.
The Bitfi cryptocurrency wallet, touted as an “unhackable” system, appears to have been hacked a week after launch. Backed by technology personality John McAfee, the Bitfi cryptocurrency wallet claims to have “fortress-like” security and the product’s “security is absolute and that the wallet cannot be hacked or penetrated by outside attacks.” Available for $120, the hardware connects to an online dashboard for users to keep an eye on their funds and access their cryptocurrency. The device and online platform sync through a Bitfi ID and when transactions are made, users input a phrase to generate a private key.
Cisco said it will buy cybersecurity company Duo Security for $2.35 billion in cash and stock. Cisco’s stock was down 1 percent on the news. Duo Security is a private company based in Ann Arbor, Michigan. The company provides cloud-based tools to prevent security breaches on devices, Cisco said in its announcement. The deal is expected to close by the end of Cisco’s fiscal 2019. It’s Cisco’s biggest acquisition since the $3.7 billion deal for application management company AppDynamics in early 2017 and continues CEO Chuck Robbins‘ string of moves to push the company deeper into software. In October, Cisco agreed buy BroadSoft, a developer of call center technology, for $1.9 billion.
A malware sample that had code in all the wrong places piqued Maddie Stone’s curiosity. So she dug into the sample and emerged many hours later with a description of a complex anti-analysis library that threat actors are using to, among other things, give new life to old threats.