It’s hard to keep up with the hundreds of security-specific headlines published every week.
So, we’re rounding up the top news that affect you, your business, and the security and technology industry overall. This week we explore car hacking, Pokemon Go, and data breach investigations. Check back every Friday to learn about the latest in security news.
Fiat-Chrysler embraces security community; launches bug bounty program
Fiat-Chrysler is inviting hackers to test their cars. The company has opened a “bug bounty program,” in which researchers can safely test the security of a company’s software in exchange for rewards, often cash. This is one of the first of its kind of the automotive industry, which is being forced to consider security more acutely as cars become more connected. Last summer, researchers were able to remotely control a Jeep driving on the highway with Wired reporter Andy Greenberg in the driver’s seat. Lookout’s Kevin Mahaffey and Cloudflare’s Marc Rogers also tested the security of a Tesla, presenting their findings at the security conference Def Con. Fiat-Chrysler says it will offer upwards of $1,500 for reported bugs.
Get more information about the new program here.
New guidelines require Healthcare institutions to report ransomware
Many industries are required to report when data breaches occur, especially if those institutions are regulated, such as healthcare. The Federal Health and Human Services Department, however, has issued guidelines that may expand reporting requirements to ransomware incidents. Ransomware locks down infected machines, making them relatively unusable and inaccessible, demanding money for their restoration. Attackers have used the now-pervasive malware against a number of hospitals in the recent past, causing much disruption in patient care.
Learn more about the new guidelines here.
Tampered Pokemon Go apps
Pokemon Go is one of the most popular apps in the world right now, which means bad actors are paying just as much attention. We’ve found a number of apps that have tampered with the rapidly-adopted game — malicious and otherwise — that use its name, code, or other features to get people to download.
Check out Lookout’s analysis and ways to stay safe here.
House Committee publishes report on FDIC breaches
The FDIC has come under scrutiny after the House Committee on Science, Space, and Technology reported new details surrounding a variety of data breaches that impacted the agency. The report included new information about a potential advanced persistent threat leveraged against the FDIC that may have originated out of China. The report also takes a closer look at a breach that came to light last February, in which a former employee is said to have taken the data “inadvertently and without malicious intent.”
Read the report here and analysis from Ars Technica here.
Image via ryan chamberlain/Flickr