Commentaries and Analyses – Page 197

Cyberwar: Are attacks by Russian hackers still covered by cyber insurance? Germany’s perspective (for now)

Posted on April 6, 2022 by Dissent

Google translation: In the wake of Russia’s attack on Ukraine, there are fears that Russia will launch a broad-based cyber war. Western countries could also become the focus of Russian cyber attacks. In this context, it can be expected that cyber insurers will invoke the so-called war exclusion and refuse to pay benefits. However, the considerations made by…

Would Sea Mar Community Health even know about large patient data dumps if not for DataBreaches.net?

Posted on April 6, 2022 by Dissent

The chronology of Sea Mar Community Health Center’s responses to a massive data breach suggests that they may be first learning of data dumps because of notifications by DataBreaches.net or this site’s reporting of our discoveries. If true, what does that say about their security and incident response? A DataBreaches.net commentary. Since 2021, DataBreaches.net has…

APT10: These sneaky hackers hid inside their victims’ networks for nine months

Posted on April 6, 2022 by Dissent

Danny Palmer reports: A hacking and cyber espionage operation is going after victims around the world in a widespread campaign designed to snoop on targets and steal information. Identified victims of the cyber attacks include organisations in government, law, religious groups, non-governmental organisations (NGOs), the pharmaceutical sector and telecommunications. Multiple countries have been targeted, including…

Audit of the Connecticut Health Insurance Exchange Uncovers 44 Unreported Data Breaches

Posted on April 6, 2022 by Dissent

HIPAA Journal reports: An audit of Connecticut’s Health Insurance Exchange, Access Health CT, by the state auditor has revealed Access Health CT suffered 44 data breaches over the last 3.5 years that had not been fully reported and that sufficient steps had not been taken to safeguard sensitive data. The Connecticut Health Insurance Exchange acts…

Ledger users file a class-action lawsuit against Shopify over a data breach

Posted on April 5, 2022 by Dissent

Ali Raza reports: Shopify, a leading global eCommerce platform, faces a class-action lawsuit filed by users of the Ledger hardware wallet. The lawsuit stems from a major data breach that happened in 2020. The class-action lawsuit was filed at the US District Court of Delaware on April 1. The lawsuit states that Shopify failed to protect the…

Honda’s Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles

Posted on April 4, 2022 by Dissent

Ravie Lakshmanan reports: A duo of researchers has released a proof-of-concept (PoC) demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what’s called a replay attack. The attack is made possible, thanks to a vulnerability in its remote keyless system (CVE-2022-27254) that affects…