UTSA reports: Guenevere Chen, an associate professor in the UTSA Department of Electrical and Computer Engineering, recently published a paper on USENIX Security 2023 that demonstrates a novel inaudible voice trojan attack to exploit vulnerabilities of smart device microphones and voice assistants — like Siri, Google Assistant, Alexa or Amazon’s Echo and Microsoft Cortana —…
Category: Breach Incidents
Top of the World Ranch Treatment Center notifies patients after email account compromise
Top of the World Ranch Treatment Center in Illinois has disclosed that a November 17 compromise of a business email account resulted in protected health information being accessible to an attacker. The attack was detected quickly and shut down within hours, and the treatment center’s investigation could not determine if any data was exfiltrated during…
Everything old is new again… or did it just never stop? (1)
In June 2022, Christopher Cook reached out to IPFS: Hi @IPFS if someone sends a phishing email with an link to IPSF.io (sic) is that something that needs to be reported to your abuse team? If so, this is their link which is phishing for cpanel logins https://ipfs.io/ipfs/QmatpCGs1h4jCwAWcbUEFMMLrLjYi1Po3o29JWcCVxfszx — Christopher Cook (@webprofusion) June 7, 2022…
Ferrari hacked; doesn’t pay $1 million ransom demand
Not only was Ferrari dealing with grid penalty and car development problems with their F1 car this past week, but it now seems they were also dealing with a cybersecurity incident. Ferrari has revealed that it was the victim of a data breach and extortion demand. The firm’s email to customers, reproduced below, states that…
What is the cost of not purging data or moving it offline, Sunday edition
Maybe one day, a law or regulation will require entities to purge old data that is no longer needed or requires it to be disconnected from the internet. If anyone needs a fresh example of why we need that type of law or regulation, here it is: Richard T. Miller, DMD, PC, d/b/a Great Neck/Mid…
Was there a rush to arrest Pompompurin, the owner of BreachForums? If so, why?
When the owner of BreachForums was arrested this week, it was not a total surprise, but there were aspects to it that were curious. DataBreaches wonders whether this was a rushed operation in response to some possibly urgent concern. Bloomberg Law broke the news Friday that Conor Brian Fitzpatrick, aka “Pompompurin,” was arrested Wednesday, and…