Zack Whittaker reports: A mobile security startup has found seven security flaws in Samsung’s pre-installed mobile apps, which it says if abused could have allowed attackers broad access to a victim’s personal data. Oversecured said the vulnerabilities were found in several apps and components bundled with Samsung phones and tablets. Oversecured founder Sergey Toshin told…
Category: Commentaries and Analyses
Do We Even Need the Computer Fraud & Abuse Act (CFAA)?–Van Buren v. US
Eric Goldman writes: Last week, the Supreme Court decided Van Buren v. US. Many hoped the decision would clarify how owners can delimit third-party usage of their computer resources for purposes of the Computer Fraud & Abuse Act (CFAA). Disappointingly, the court explicitly punted on that key question, though the decision probably will prompt lower…
Italy Moves to Boost Cybersecurity With New Unit Under Draghi
Chiara Albanese reports: Italy’s government is speeding up plans to create a new cybersecurity unit directly under Prime Minister Mario Draghi to shield the country’s digital network from criminal attacks. The new unit will set centralized strategy for cybersecurity and be managed by a committee based in the prime minister’s office, according to a draft…
South Korea’s data watchdog barks warnings at Microsoft and five local firms
Laura Dobberstein reports: Microsoft and five other companies have received fines totaling US$75K from South Korea’s Personal Information Protection Commission (PIPC), for running afoul of local data protection laws. The Commission fined Microsoft 16.4 million won (US$14,700) for failing to have protective measures on administrative accounts that led to the leak of over 119,000 email accounts, 144…
Emerging ‘Prometheus’ ransomware claims 30 victims in a dozen countries, Palo Alto Networks says
Tonya Riley reports: A new ransomware group claims to have breached 30 organizations in government, financial services, health care services, and energy firms in the United States, United Kingdom, and a dozen more countries, according to Palo Alto Networks research published Wednesday. The group, which Palo Alto researchers have dubbed “Prometheus,” most frequently targets the manufacturing industry….
ASEAN companies still targeted by ALTDOS threat actors
In December of 2020, DataBreaches.net reported on a threat actor (or actors) calling themself “ALTDOS” who had attacked a Thai securities trading firm, Country Group Securities (CGSEC) . CGSEC wasn’t the only Thai entity they attacked, and within weeks, they had attacked MonoNext and 3BB, subsidiaries of Jasmine International. Angered by the entities’ response or lack of response to…