# SANS ISC

# threatpost.com

# Reddit netsec

# Krebs On Security

  • Microsoft Patch Tuesday, June 2019 Edition Wed, 12 Jun 2019 13:26:21 +0000
    Microsoft on Tuesday released updates to fix 88 security vulnerabilities in its Windows operating systems and related software. The most dangerous of these include four flaws for which there is already exploit code available. There's also a scary bug affecting all versions of Microsoft Office that can be triggered by a malicious link or attachment. And of course Adobe has its customary monthly security update for Flash Player.
  • LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach Tue, 04 Jun 2019 21:45:59 +0000
    Medical testing giant LabCorp. said today personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm. That third party -- the American Medical Collection Agency (AMCA) -- also recently notified competing firm Quest Diagnostics that an intrusion in its payments Web site exposed personal, financial and medical data on nearly 12 million Quest patients.Just a few days ago, the news was all about how Quest had suffered a major breach. But today's disclosure by LabCorp. suggests we are nowhere near done hearing about other companies with millions of consumers victimized because of this incident: The AMCA is a New York company with a storied history of aggressively collecting debt for a broad range of businesses, including medical labs and hospitals, direct marketers, telecom companies, and state and local traffic/toll agencies.
  • Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware Tue, 04 Jun 2019 00:16:11 +0000
    For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as "Robbinhood." Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by "Eternal Blue," a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.

# Bruce Schneier's blog

# TWITTER

?>

# WIRED Threat Level

# exploit-db.com

# Securiteam

?>