Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. Source: Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps Healthcare privacy and security Enter […]
Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here’s a detailed analysis by Bitdefender of an attack on one bank. Source: From phish to network compromise in two hours: How Carbanak operates
Extent of the hack is unknown, but Flipboard said hackers had access to its systems for almost nine months. Source: Flipboard says hackers stole user details | ZDNet Flipboard confirms database hack, resets all user passwords InfoSec Breaches Subscribe in a reader
Perceptics confirms intrusion and theft, stays quiet on details Source: Maker of US border’s license-plate scanning tech ransacked by hacker, blueprints and files dumped online Car Security Security Breach Digital License Plates: Convenience or Privacy Risk? Subscribe in a reader
Millions of Instagram influencers had their private contact data scraped and exposed A massive database containing contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. At the time of writing, […]
Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper Follow the numbers in blue to understand each step. Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the […]
Unsecured SkyMed Database Exposed PII Data Of 137K Individuals Reportedly, the unsecured SkyMed database exposed huge records having medical and personal information of US citizens online. Source: Unsecured SkyMed Database Exposed PII Data Of 137K Individuals ISO/IEC 27018:2014, 1st Edition: Information technology – Security techniques – Code of practice for protection of personally identifiable information […]
Data Security Thought Collection #1 was big? Collection #2-5 just dwarfed it Source: The biggest ever data dump just hit a colossal 2.2 billion accounts
#InfoSecBreaches A Chilean Senator has taken to Twitter with alarming news – the company running the country’s ATM network suffered a serious cyberattack. Source: Attackers used a LinkedIn job ad and Skype call to breach bank’s defences
Data belonging to online casinos found exposed online on unprotected Elastic search instance, it includes info on 108 million bets and user details Source: Did you win at online casinos? Your data might have had exposed online More on Data Security
Credit rating agency Equifax is to be fined £500,000 by the Information Commissioner’s Office (ICO) after it failed to protect the personal data of 15 million Britons. A 2017 cyber-attack exposed information belonging to 146 million people around the world, mostly in the US. The compromised systems were also US-based. But the ICO ruled Equifax’s […]
by Ilenia Vidili In South Africa the Protection of Personal information Act (POPI) aims to regulate how companies secure the integrity and confidentiality of their data assets by taking technical and organisational measures to prevent the loss of, and damage and unauthorised access to, personal information. POPI was signed into law on 26th November 2013 […]
Cyber attacks have become a regular occurrence in the last few years; in fact, you can’t turn the news on without some mention of a business suffering an attack. Most attacks are fuelled by criminals looking to steal valuable information, but what type of information is being stolen? According to a report by Veracode, the […]
Information Security Breaches: Avoidance and Treatment based on ISO27001 If you are running a business, you learn to expect the unexpected. Even if you have taken all the right precautions, your company might still find itself confronted with an information security breach. How would your business cope then? There are lots of books that will […]
“Tango down – cia.gov – for the lulz,” the group, which had earlier claimed responsibility for hacking into the websites of the U.S. Senate, Sony, Nintendo and Fox News, wrote on its Twitter feed. “While some people think this is a fun game that can also help point out corporate security weaknesses, the truth is […]
US Senate Hacked! “We Don’t Like The U.S. Government Very Much” LULZ Security The video states some reasons in significant rise of hack attack by Lulz Security on US information assets including critical assets (US senate) which is a growing threat to national security. Leon Penetta warned in last week hearing that next Pearl Harbor […]
“Citigroup says it has discovered a security breach in which a hacker accessed personal information from hundreds of thousands of accounts. Citigroup said the breach occurred last month and affected about 200,000 customers.” “During routine monitoring, we recently discovered unauthorized access to Citi’s account online,” said Citigroup, in a prepared statement. “A limited number — […]
LONDON — Nearly 180 passwords belonging to members of an Atlanta-based FBI partner organization have been stolen and leaked to the Internet, the group confirmed yesterday. The logins belonged to the local chapter of InfraGard, a public-private partnership devoted to sharing information about threats to US physical and Internet infrastructure, the chapter’s president said. “Someone […]
LONDON: Unknown hackers have broken into the security networks of Lockheed Martin Corp (LMT.N) and several other US military contractors, a source with direct knowledge of the attacks told this news agency. They breached security systems designed to keep out intruders by creating duplicates to “SecurID” electronic keys from EMC Corp’s (EMC.N) RSA security division, […]
A complete solution to manage an information security incident Managing Information Security Breaches Even when organisations take precautions, they may still be at risk of a data breach. Information security incidents do not just affect small businesses; major companies and government departments suffer from them as well. A strategic framework Managing Information Security Breaches sets […]
