This Week in Cybersecurity News
5 New Vulnerabilities Uncovered In SAP by Ericka Chickowski, Dark Reading
Researchers have discovered five new vulnerabilities in SAP BusinessObjects and SAP HANA, three of them high-risk. All three of the high-risk vulnerabilities are in BusinessObjects, they allow unauthenticated attackers to remotely retrieve business data, access and delete auditing information remotely and touch the system without detection, and to remotely access and overwrite business data.
Comodo's PrivDog Advertising Software Leaves Some Users at Risk by Steve Ragan, CSO
Researchers have discovered that PrivDog, Comodo’s advertising replacement software mishandles HTTPS connections by using replacing self-signed certificates with its locally installed root certificate. The issue is only found in versions that are directly downloaded from the PrivDog website and not pre-bundled versions with Comodo’s software.
Lenovo Site Hacked in Aftermath of Superfish Scandal by Phil Muncaster, InfoSecurity
The main website of PC maker, Lenovo was defaced by hackers on February 25. The defacement comes days after it emerged Lenovo had pre-installed adware designed by Superfish that allowed hackers to launch man-in-the-middle attacks. Lizard Squad claimed responsibility for the defacement.
European Cyber Police Try To Shut Down Ramnit Botnet That Infected 3 Million by Thomas Fox-Brewster, Forbes
British, Dutch, German and Italian police have claimed they disrupted Ramnit, one of the world’s biggest botnets. The Ramnit malware sought to steal victims banking login data and is believed to have infected up 3.2 million Windows PCs. It is currently found on up to 350,000 compromised machines. The command and control centers have been shut down, cutting the botnet off from its creators.
Medical Identity Theft Costs Victims $13,450 Apiece by Sara Peters, Dark Reading
A new study shows the cost of medical identity theft increased by 21.7 percent in 2014, costing an average of $13,450 per victim. Due to the healthcare industry’s lagging fraud detection, 65 percent of victims had to pay to resolve the issues themselves.