Pages

Wednesday, August 20, 2014

Report: Devastating Heartbleed Flaw Was Used in Hospital Hack

Report: Devastating Heartbleed Flaw Was Used in Hospital Hack


Report: Devastating Heartbleed Flaw Was Used in Hospital Hack

Posted: 20 Aug 2014 11:18 AM PDT

The infamous Heartbleed Internet security flaw that exposed half a million secure servers to password theft was used by Chinese hackers to steal data from American hospitals, according to a report.

Citing anonymous sources, the data security company TrustedSec told TIME Wednesday that the Heartbleed vulnerability allowed hackers to steal secret keys used to encrypt user names, passwords and other information from Community Health Systems, the second-biggest for-profit U.S. hospital chain. They then used the keys to swipe 4.5 million patients’ data. The attack marks the first known breach of a company by hackers using Heartbleed.

Community Health Systems, which operates 206 hospitals in 29 states, said in an SEC filing Monday that the attackers bypassed its security systems and stole data that included birth dates, names, social security numbers and addresses for 4.5 million patients.

“The initial attack vector was through the infamous OpenSSL "heartbleed" vulnerability which led to the compromise of the information,” TrustedSec said in a blog post. TrustedSec cited three “trusted” and anonymous sources close to the Community Health investigation.

Though the recent attack on Community Health Systems is the first that’s known to have used the Heartbleed vulnerability, it is likely just one of many instances that did, security experts said. Hackers had a wide window for mischief in the period between Heartbleed’s disclosure in early April and companies’ installation of patches to defense against the exploit, which in some cases took days or weeks.

“You had a lag time of a week to several weeks before patches were implemented, so if attackers were scanning companies, there must have been countless situations where hackers used Heartbleed to gain access,” TrustedSec CEO David Kennedy said. “This is just the beginning of many that have either not been discovered, or cases in which companies are working on responding and disclosing now.”

Kennedy said the hospital incursion happened about a week after Heartbleed was first made public.

Most of the well-known attacks attributed to Chinese hackers have targeted valuable intellectual property, particularly telecommunications or defense companies, or large industrial companies. But the recent attack against Community Health instead targeted social security numbers and customer data, signifying a different approach by Chinese cyber criminals, if the attacks indeed came from China.

“The attack against Community Health Systems might not have been for espionage or industrial espionage,” said Nir Polak, the co-founder of security company Exabeam. “The attackers might have just wanted to monetize on cybercrime,” Polak said, which is often the goal of non-governmental cybercrime groups.

US Officials: Military Mulling More Troops to Iraq

Posted: 20 Aug 2014 11:07 AM PDT

(WASHINGTON) — U.S. officials say military planners are weighing the possibility of sending more American forces to Iraq mainly to provide additional security around Baghdad.

A senior U.S. official says the number of troops currently under discussion would be fewer than 300, but there has been no final decision yet by Pentagon leaders.

The talks come as American fighter jets and drones conducted nearly a dozen airstrikes in Iraq since Tuesday when Islamic State militants threatened to kill a second American captive in retribution for any continued attacks.

A U.S. official says the strikes came in the hours after militants released a gruesome video Tuesday showing U.S. journalist James Foley being beheaded.

These Are The Oldest Living People in the World

Posted: 20 Aug 2014 11:06 AM PDT

Ebola Treatment May Emerge From Drug For Another Virus

Posted: 20 Aug 2014 11:00 AM PDT

With the latest outbreak of Ebola in western African claiming more than 1,200 lives since March, any advances on the treatment front are welcome—even if they come from studies of a related virus.

Thomas Geisbert, professor of microbiology and immunology at the University of Texas Medical Branch at Galveston, is getting more attention than he expected for his work on a promising therapy for a virus called Marburg because of its potential application against Ebola. In the journal Science Translational Medicine, Geisbert, who spent two decades at the U.S. Army Medical Research Institute of Infectious Diseases working on treatments for emerging and lethal pathogens, reports that delivering bits of RNA encased in a protein to monkeys infected with the nastiest Marburg strain can save their lives. While all of the 16 animals treated with the experimental treatment survived, none of the animals who weren't treated did.

MORE: We're Getting Closer to Vaccines and Drugs for Ebola

In 2010, he and his colleagues published equally promising results using the same technique against Ebola Zaire, the same strain responsible for the deaths in western Africa. In that study, however, the animals were treated within an hour of being infected with a highly lethal dose. The animals survived, so Geisbert is eager to test whether delaying treatment longer, up to several days after infection, will also protect patients, just as it did with the monkeys in the current study. Having such a window is critical because in reality, people may not even know they have been infected until they experience symptoms like fever or headaches.

"This is the first study showing that we can treat [filovirus infections] when we first start seeing signs of illness," he says. "I am very confident that the same will hold true with Ebola. We demonstrated in 2010 that the same strategy works against Ebola Zaire and I think we certainly can optimize the strategy to perhaps do even better." The animals in the study were dosed with a much higher amount of virus than people would generally see, so Geisbert believes that if it's possible to extend protection against Ebola, it would buy up to a week of time in which people could be successfully treated. What's making Geisbert so optimistic is the fact that the technique involves blocking the virus' ability to reproduce, unlike the therapy that two American health workers received, which relies on antibodies that stick to the virus and incapacitate it before it can infect healthy cells.

MORE: Containing Ebola Is Extremely Labor Intensive, Former CDC Researcher Says

Tekmira, a Canadian biotech company, has begun early human trials testing the safety of the Ebola version of the therapy. While the Food and Drug Administration requires human trials for all new drugs and vaccines, for so-called exotic viruses like Ebola and Marburg, for which intentionally infecting volunteers wouldn't be ethical because of their lethality, the agency makes an exception. It accepts tests involving animals that replicate the human course of disease, and a trial of the drug's safety in uninfected, healthy human volunteers. The FDA had put a hold on the company's application for approval, pending more confirmation that the product was safe to study in healthy people in escalating doses, but that in August the agency changed that to a partial hold. That makes it possible for any person, or country, that requests the treatment to receive it under emergency conditions.

"There is a lot of pressure to move studies [on Ebola] to the forefront and do them sooner rather than later," says Geisbert. And now there's more evidence that doing so could potentially save more lives.

MORE: Inside the CDC's Emergency Operations Center Tackling Ebola

 

Showtime Renews Masters of Sex for a 3rd Season

Posted: 20 Aug 2014 10:48 AM PDT

Masters of Sex and Ray Donovan will both return to Showtime for third seasons, the premium cable network announced Wednesday. Each show has gotten a 12-episode order.

Masters of Sex, based on the real lives of sex researchers and lovers William Masters and Virginia Johnson, has five Emmy nominations this year, including a best actress nomination for Lizzy Caplan. Allison Janney, who appeared on the first season of Masters, already won for Outstanding Guest Actress in a Drama at the Creative Arts Emmys on Saturday night. The show averages about four million viewers per week across multiple platforms.

Ray Donovan, which stars Liev Schreiber, averages about five million per week on multiple platforms and had the biggest premiere in Showtime’s history, drawing 2.2 million viewers in June 2013.

Target Profits Tumble by 62% in Second Quarter

Posted: 20 Aug 2014 10:46 AM PDT

Target Corporation lowered its year end earnings forecast on Wednesday as the ailing retailer posted a 62% drop in second quarter profits.

Underwhelming sales and the continuing fallout from last year’s data breach have lowered the company’s year-long earnings forecast to between $3.10 to $3.30 per share from between $3.60 to $3.90. Same-store sales in the U.S. remained flat, despite an aggressive promotional campaign to lure in customers with steep price discounts. Sales in Canada, where the company has launched an ambitious expansion of stores, declined 11.4% in what the company attributed to a drop off from strong grand opening sales.

“While results from the quarter didn't meet our expectations, we are seeing some early signs of progress as we work to improve results in the U.S. and Canada," said John Mulligan, executive vice president and chief financial officer of Target Corporation.

Target also incurred losses of $111 million related to last year’s data breach, which compromised the account information of some 40 million customers. The company expects total losses from the breach to climb to $148 million as it continues to work through a backlog of faulty payment claims.

Little Kid Totally Freaks Out When His Dad ‘Takes’ His Ear and Nose

Posted: 20 Aug 2014 10:39 AM PDT

You know that game adults like to play where they pretend to steal kids’ nose and then promptly taunt them by chanting, “I got your nose”? Well, a dad named Jesse Fulcher decided to play that game with his son and then uploaded his “priceless” reaction to YouTube.

Fulcher begins by “taking” his son’s ear. He sees how distraught the kid becomes, so he puts it back. Then, for some reason, the kid agrees to let his dad take his nose too, which also causes him to break down in tears.

In the end, all the boy’s facial features are returned to their rightful spots.

Most Teenagers Believe Porn Is Damaging. Could Sex Ed Be The Answer?

Posted: 20 Aug 2014 10:29 AM PDT

The rise of online pornography has long worried researchers, feminists and parents about the toll easy access to graphic images would take on young people.

It turns out, young people are grappling with the same concerns. A poll released on Wednesday by the Institute for Public Policy Research (IPPR), a British think tank, asked 500 18-year-olds about their views on pornography and its impact on their lives. The results aren’t pretty.

Most of the teens polled said that “accessing” pornography was common throughout their school years, with many starting around the ages of 13-15. And, according to the poll, a whopping 72 percent of 18-year-olds surveyed believe that pornography leads to unrealistic attitudes about sex, while 70 percent believe that pornography can have a damaging impact on young people's views of sex or relationships.

Negative feelings about porn and its impact were more pronounced among teenage girls. Nearly 80 percent of the young women polled said that porn puts pressure on girls to look and act a certain way. Meanwhile, only 18 percent of the young men strongly agreed with the statement “pornography encourages society to view women as sex objects," compared to 37 percent of young women. But the overall majority of teens — 66 percent of women and 49 percent of men — said they believed "it would be easier growing up if pornography was less easy to access for young people."

“This new polling data shows that pornographic images are pervasive in teenagers’ lives and that young women in particular are acutely conscious of how damaging they can be,” said IPPR associate director, Dalia Ben-Galim, about the poll’s results. “It paints a worrying picture about the way online pornography is shaping the attitudes and behavior of young people.”

So what can we do about this issue? It should be noted that in the U.K., internet providers are now required to block explicit websites as a default — people who want to remove the blocks in order to view porn must opt in. Yet it’s obvious that teens are still finding access to pornography and it’s a cause for concern for many of them.

One way to address the concerns could be found in another question from IPPR’s poll. When asked, the vast majority of the teens polled — 86 percent — said they thought that “sex and relationship advice should be taught in schools.” Now some form of sex ed is already a part of British public school’s curriculum from the age of 11 onwards (though parents do have the right to withdraw their children from parts of the course), but perhaps these courses should be tailored to actually address what teens are seeing in pornography and the way it impacts their lives.

It’s also possible that by age 11, it’s already too late. Miranda Horvath, a psychology professor at Middlesex University in London who has done research on pornography, told the New York Times earlier this year that kids would benefit from some form of sexual education before they actually encounter pornography:

One of our recommendations is that children should be taught about relationships and sex at a young age… If we start teaching kids about equality and respect when they are 5 or 6 years old, by the time they encounter porn in their teens, they will be able to pick out and see the lack of respect and emotion that porn gives us. They'll be better equipped to deal with what they are being presented with.

According to IPPR’s poll, teenagers are looking for help dealing with the pornography that clearly isn’t going away. It’s just up to educators and policymakers to listen to them.

Obama Says ‘Entire World Is Appalled’ By ISIS Beheading of Journalist

Posted: 20 Aug 2014 10:19 AM PDT

President Barack Obama said Wednesday that the “entire world is appalled” by the death of American journalist James Foley, who was kidnapped in Syria more than 18 months ago and whose death was depicted in a video Tuesday.

The militant group Islamic State of Iraq and Greater Syria (ISIS) posted the graphic video of the execution on Tuesday, calling it retribution for American airstrikes against Sunni extremist forces in Iraq. The U.S. intelligence community has authenticated the video, National Security Council spokesperson Caitlin Hayden said.

“Today the entire world is appalled by the murder of journalist Jim Foley,” Obama said Wednesday in an emotional statement from Martha’s Vineyard.

Obama said the Middle East must work to “extract this cancer” that threatens the stability of Iraq and the region. “[ISIS] speaks for no religion,” Obama said. “Their victims are overwhelmingly Muslim.”

“No just God would stand for what they did yesterday and what they do every single day,” he added.

Obama called Foley’s family on Wednesday morning to express his condolences on the loss of their son.

“Jim was taken from us in an act of violence that shocked the conscience of the entire world,” Obama said.

The video also includes a threat to kill Steven Sotloff, a freelance journalist who has written for TIME and other outlets, and has been missing since August 2013. “We keep in our prayers those other Americans who are separated from their families,” Obama said. “We will do everything that we can to protect our people and the timeless values that we stand for.”

Obama said the United States would continue its efforts to confront ISIS. “The United States of America will do what we must to protect our people,” he said. “We will be vigilant, and we will be relentless.”

A Facebook page affiliated with the Foley family's campaign for his release posted a message Tuesday evening from his mother, Diane Foley.

"We have never been prouder of our son Jim," she wrote. "He gave his life trying to expose the world to the suffering of the Syrian people. …We thank Jim for all the joy he gave us. He was an extraordinary son, brother, journalist and person. Please respect our privacy in the days ahead as we mourn and cherish Jim."

Foley "was taken by an organized gang after departing from an internet café in Binesh, Syria," near the Turkish border, the FBI said in an alert following the Nov. 22, 2012, kidnapping. He was in Binesh covering the Syrian civil war for the GlobalPost website and AFP.

Foley, 40, grew up in New Hampshire, where his parents live.

-Additional reporting by Mark Thompson.

Everything We Know About the Two Competing Jungle Book Films So Far

Posted: 20 Aug 2014 10:19 AM PDT

By now, you may have heard that Benedict Cumberbatch has been tapped to voice the tiger Shere Khan in Warner Bros. upcoming production of The Jungle Book.

But wait, you might also be thinking, isn’t Idris Elba doing the voice of Shere Khan in another upcoming production of the same title? The answer is yes — though it’s a different film altogether.

Both Warner Bros. and Disney are planning competing adaptations of the Rudyard Kipling classic story about an orphan boy named Mowgli who is raised by animals in the jungle. The two films are set to be released about a year apart and though the Warner Bros. version — which is said to be a relatively dark film, especially compared to the 1967 Disney animated classic — has only just recently landed its director, news of each production has been rolling in fast. In fact, The Hollywood Reporter has just named a whole slew of actors — including Cate Blanchett and Christian Bale — that have joined the Warner Bros. cast.

With all the big names being thrown around, it can all get confusing. That’s why we’re here to break down what we know about each film so far:

Disney

Director: Jon Favreau, best known for Swingers and the Iron Man films.
Mowgli: Neel Sethi, an adorable newcomer.
Shere Khan: Idris Elba, best known for his roles on The Wire and Luther.
Baloo: Bill Murray, best known for Ghostbusters, Wes Anderson films and crashing parties in Brooklyn.
King Louie: Christopher Walken, best known for Deer Hunter, his dance moves and “more cowbell.”
Kaa: Scarlett Johansson, best known for Lost in Translation, Vicky Cristina Barcelona and playing a superhero.
Bagheer: Ben Kingsley, who needs no introduction.
Raksha: Lupita Nyong’o, best known for 12 Years a Slave.
Release date: October 9, 2015

Warner Bros.

Director: Andy Serkis, best known for his roles in The Lord of the Rings and the new Planet of the Apes films, is making his directorial debut.
Mowgli: Rohan Chand, best known for his role in Bad Words.
Shere Khan: Benedict Cumberbatch, best known for playing any number of oddballs and misfits and making the internet swoon.
Baloo: Serkis, again.
Begheera: Christian Bale, best known for playing Batman.
Kaa: Cate Blanchett, best known for playing a queen and Blue Jasmine.
Nisha: Naomie Harris, best known for playing Eve Moneypenny in Skyfall and Winnie Mandela in Mandela: Long Walk To Freedom.
Release date: October 21, 2016

With all the big names that Warner Bros has just landed for its cast, the studio is indicating they’re ready to go head to head with Disney. So which version will come out on top? Only time and the laws of the jungle — that is, Hollywood — will tell.

0 comments:

Post a Comment