10Fold – Security Never Sleeps – 61

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Kentucky hospital falls victim to ransomware attack, hospital declared an internal state of emergency. Uber is offering a $10k ‘bug-bounty’ program to encourage people to find the flaws in the Uber software. The FCC is now stepping in to make certain requirements for Wi-Fi routers, despite much controversy. The Security Forum released its “Threat Horizon” report that looks ahead to the biggest security threats over a two-year period.   

Hospital Declares ‘Internal State of Emergency’ After Ransomware Infection – Publication: Krebs on Security – Reporter name: Brian Krebs

A Kentucky hospital says it is operating in an “internal state of emergency” after a ransomware attack rattled around inside its networks, encrypting files on computer systems and holding the data on them hostage unless and until the hospital pays up.


Uber’s offering you $10K to hack its software – Publication: CNBC – Reporter name: Arjun Kharpal

U.S. ride-hailing app Uber is offering hackers up to $10,000 to hack its system to uncover flaws, the company said on Tuesday. “Even with a team ofhighly-qualified andwell trained security experts, you need to be constantly on the look-out for ways to improve,” Joe Sullivan, chief security officer at Uber, said in a blog post. Uber also revealed that it launched a private beta bug bounty program for over 200 security researchers last year and they found nearly 100 bugs, all of which were fixed.


Way to Go, FCC. Now Manufacturers Are Locking Down Routers – Publication: Wired – Reporter name: Kyle Wiens

The FCC recently updated its requirements for “U-NII devices operating on the 5 Ghz bandwidth”—a designation that covers a wide range of Wi-Fi devices and routers—to stop users from modifying RF (radio frequency) devices outside of their intended parameters. Last year, the FCC proposed an expansion on the RF modding prohibition to anything with a software-defined radio.


9 biggest information security threats through 2018 – Publication: CSO – Reporter name: Thor Olavsurd

Each year, the Information Security Forum, a nonprofit association that researches and analyzes security and risk management issues, releases its ‘Threat Horizon’ report to provide a forward-looking view of the biggest security threats over a two-year period. Here are the top nine threats to watch for through 2018.