Help Net Security reports: A group of students from Saarland University’s Center for IT-Security, Privacy and Accountability (CISPA) have discovered tens of thousands MongoDB databases accessible to remote attackers, including a couple belonging to big companies and containing personal and financial information of millions of their users. MongoDB is a popular cross-platform, document-oriented NoSQL database,…
Month: February 2015
More Than 30% of Big Merchants Are Not PCI-Compliant – Study
Jim Daly reports: Fudging the numbers about their merchants’ compliance with the Payment Card Industry data-security standard (PCI) may be a common practice by merchant acquirers if findings from a new study about payment card data security are to be believed. The study by the Merchant Acquirers’ Committee, an association of more than 500…
FL: Two Pensacola Men Sentenced to Federal Prison for Tax Refund Fraud and Identity Theft Scheme
Andrey C. Cook, 34, and Richard J. Beverly II, 25, both of Pensacola, were sentenced to federal prison today on charges of mail fraud and aggravated identity theft. Cook, who worked in a group home for disabled patients, stole the personal identification information of the patients and gave it to Beverly in August 2013 for…
CA: Private Investigators Indicted for Hacking the Computers of People Opposing Their Clients in Civil Suits
SAN JOSE – Nathan Moser, Peter Siragusa, AKA Bobby Russo, Carlo Pacileo, Trent Williams, and Sumit Gupta, AKA Sumit Vishnoi, were charged with crimes related to a conspiracy to access the e-mail accounts, Skype accounts, and computers of people opposing Moser’s and Siragua’s clients’ in civil lawsuits. The indictment was announced today after it was unsealed…
Is It Time for a Wall of Shame for the Education Sector?
Over the past few months, SLC Security has been noting a lot of malware and botnet activity in the education sector – problems, they say, that the entities often don’t acknowledge when SLC Security attempts to alert them to problems. Yesterday, SLC Security wrote that they were seeing traffic from: New York University -Malicious Activity Princeton University – Malicious…
NL: Dutch house approves law on personal data breach reporting
Telecompaper reports: The lower house of the Dutch parliament has approved legislation requiring businesses and organisations to report security breaches of personal data they hold. The Law on Personal Information will be expanded to include the new requirement, which applies to businesses of all sizes as well as public sector agencies. Read more on Telecompaper.