Charlie Osborne reports: A severe “hole” in the Qualcomm Secure World virtual processor, now patched, has been disclosed by researchers. According to cybersecurity researchers from Check Point, the Secure World safe compartment — used to house sensitive data in our mobile devices — could be exploited to leak financial information. Read more on ZDNet.
Category: Commentaries and Analyses
Pangilinan raises anew risks of espionage, breach of data privacy on entry of China-owned telco
Mario Casayuran reports: Minority Senator Francis N. Pangilinan raised on Wednesday espionage and data privacy questions on the entry of third telecommunications company (telco), Dito Telecommunity Corporation, a consortium which includes a China-owned company, into the Philippine communications industry after it was a given a tentative agreement to install towers inside Philippine military camps. Read…
Analyzing Careless Users, An Often Overlooked Threat
Many have written about how to mitigate the risks posed by malicious insiders. But what about the vulnerabilities associated with Careless Users? What actions can healthcare organizations take to better prevent a breach caused by internal negligence? The Clearwater CyberIntelligence® Institute analyzed the Critical and High risks found in Clearwater’s IRM|Analysis™ database, specifically focusing on…
Enhancing the Security of Data Breach Notifications and Settlement Notices
Ryan Amos, Mihir Kshirsagar, Ed Felten, and Arvind Narayanan write: We couldn’t help noticing that the recent Yahoo and Equifax data breach settlement notifications look a lot like phishing emails. The notifications make it hard for users to distinguish real settlement notifications from scams. For example, they direct users to URLs on unfamiliar domains that are not clearly…
A leak report quietly disappears, leaving questions in its wake
On October 8, Jeremiah Fowler reported that he had discovered a non-password protected database that contained what appeared to be information regarding healthcare workers and traveling nurses. If you had read the report on Security Discovery at the time, you would have read that almost one million people were potentially affected. Based on that reporting,…
Dental Delta of Arizona discloses phishing attack possibly compromising PII and PHI
Another day, another report of a data security incident because an employee fell for a phishing attack and the entity can’t be sure whether any protected health information or PII was actually accessed. Delta Dental of Arizona disclosed a July 8 incident this week. According to their press release, and after reiterating that they were…