The Associated Press has an update on an insider breach previously noted earlier this year: Forty-one-year-old Angela Roberts of Stephenson, Virginia, entered the plea Monday in federal court in Martinsburg. Roberts admitted using someone else’s personal information to commit bank fraud in June 2016 in Berkeley County, West Virginia. She faces up to five years…
Month: July 2017
Google Groups misconfiguration leads to sensitive data leaks
Zeljka Zorz reports: If your employees are using Google Groups to discuss issues and ideas, you might want to check whether the sharing setting for these groups is set to “Private”. According to RedLock researchers, many companies fail to do so, most probably by accident, and end up exposing messages containing sensitive information on the…
Microsoft opens up a new front in the battle against Fancy Bear
John E. Dunn reports: Can anyone – or anything – take on well-resourced nation state hacking groups? Protected by anonymity and plausible deniability, conventional wisdom says not, but conventional wisdom ignores a company like Microsoft wielding a secret weapon with the power to hinder even the cleverest hacking group: lawyers. This, it has emerged, is…
45,000 Facebook Users Leave One-Star Ratings After Hacker’s Unjust Arrest
Catalin Cimpanu reports: Over 45,000 users have left one-star reviews on a company’s Facebook page after the business reported a security researcher to police and had him arrested in the middle of the night instead of fixing a reported bug. The arrest took place this week in Hungary after an 18-year-old found a flaw in…
Ricoh Australia Scrambles to Fix Document Leak
Jeremy Kirk reports: Ricoh’s Australia office has notified banks, government agencies, universities and many large businesses about a curious data breach that, in some cases, exposed login credentials for its multifunction devices. It’s unclear how the documents – called run-up guides – were exposed on the internet and indexed by Google’s search engine. Ricoh says…
Japan to take ‘strict action’ against Bayer over patient-data scandal
Ed Silverman reports: The Japanese government intends to take “strict action” against Bayer after the drug maker acknowledged three employees “inappropriately” accessed patient data as part of a plan to promote its Xarelto blood thinner, according to Pharma Japan. In response, Bayer executives will voluntarily return 10 percent of their salaries for three months for…