Catalin Cimpanu reports: A security researcher has published details and proof-of-concept exploit code for a zero-day vulnerability in vBulletin, one of today’s most popular forum software. The zero-day is a bypass for a patch from a previous vBulletin zero-day — namely CVE-2019-16759, disclosed in September 2019. Read more on ZDNet. Lawrence Abrams of BleepingComputer has…
Category: Commentaries and Analyses
Hacking medical devices to hijack secure facilities
Fahmida Y. Rashid reports: People entering secure facilities—such as those found in military, security, and government agencies—are often asked to hand over their connected devices such as fitness trackers and smartphones. Those devices are stored in secure lockers and then returned when their owners leave the facility. All this is done in the name of…
Why Healthcare is (or isn’t) Adopting Blockchain
Matt Jordan reports: There’s a place for Blockchain in the Healthcare environment, whether individual providers are choosing to adopt it or not. With the current health crisis rocking our country, and even our world, sending patients to ICU or bed-ridden and unable to leave their homes to receive care and diagnoses from their medical professionals….
Pepperstone Updates Clients on Data Breach Investigation
Aziz Abdel-Qader reports: Multi-regulated FX broker Pepperstone has just updated its clients about the data security breach that occurred just over a week ago. The company said the security issue had originated from one of its third-party vendors after cybercriminals used malware to compromise its computers and obtained access to the provider’s credentials. Not so long after…
SPARTOO: sanction of 250,000 euros and injunction under penalty to comply with the GDPR
From the CNIL, the French data protection authority: SPARTOO is specialized in the online shoe sales sector. For this activity, it has a website accessible in thirteen countries of the European Union. The CNIL inspected the company in May 2018, and noted shortcomings concerning the data of customers, prospects and employees. The President of the CNIL therefore…
SG: The Central Depository and two other organisations fined for data privacy breach
Yip Wai Yee reports: The Central Depository (CDP) and two other organisations have been fined a total of $47,000 for breaching data privacy laws. CDP received the biggest fine of $32,000 after it mailed dividend cheques to outdated addresses, putting more than 200 account holders at risk of having their personal data disclosed. According to…