Serenity Care’s tagline on their web site is “putting a loving touch on home healthcare.” Maybe it should add, “and putting a touch on your wallet.” The owner of a private home health care agency is under arrest after a nine-month investigation. Allison Delong, 38, owns Serenity Care, which is based in Chatham. Police say Delong stole…
Month: April 2016
Kylie Jenner Lip Kit Website Glitch Personal Customer Info Exposed
TMZ reports: Kylie Jenner’s cosmetics site has a shaky foundation, because it’s been inadvertently exposing very personal customer information. Here’s the problem. When someone tried to log into the site, it would send them to an existing customer’s account, revealing names, email addresses, personal addresses, order history, etc. Every time a customer refreshed the site,…
University employees vulnerable after tax data breach involving W-2 vendor
Hannah Knowles reports that a breach involving a W-2 vendor has left employees in the education sector at risk of tax refund fraud. This time, it’s W-2 Express and Stanford University, although other clients of W-2 Express are also reportedly affected: At least 600 current and former Stanford employees are vulnerable to tax fraud following the illegitimate download…
Flaws in Worldpay’s Merchant Portal Allow Attackers to Modify Payment Forms
Catalin Cimpanu reports: Vulnerabilities known as IODR (Insecure Direct Object References) were found and fixed in Worldpay, an online secure payments platform, security researcher Randy Westergren reports. An IODR vulnerability is when users have access to information they should not see, either because it belongs to another user or originates from an account with higher privileges. In…
Former Energy Department worker sentenced in email ‘spear-phishing’ attempt
Spencer S. Hsu reports: A former Energy Department employee was sentenced to 18 months in prison after offering to help a foreign government infiltrate the agency’s computer system to steal nuclear secrets and then attempting an email “spear-phishing” attack in an FBI sting operation. Charles Harvey Eccleston, an environmental scientist formerly employed by the department…
US attorney Bharara set free hacker who led attacks on Turkish gov’t
Ragip Soylu and Yunus Paksoy report: U.S. attorney Preet Bharara, who has been at the top of the agenda recently in Turkey due to his arrest of Turkish-Iranian businessman Reza Zarrab, had prepared an indictment and set free an FBI informant who orchestrated cyberattacks on the Turkish government. Hector Xavier Monsegur, also known as Sabu, was a…