If Iowa doesn’t get its act together, businesses and government will have trouble getting security firms to analyze and test their security. Even after law enforcement was told that Justin Wynn and Gary DeMercurio were Coalfire employees just doing what Coalfire had been hired to do by the judicial branch, the men are still facing…
Category: Commentaries and Analyses
MESSAGETAP: Who’s Reading Your Text Messages?
Raymond Leong, Dan Perez, and Tyler Dean report: FireEye Mandiant recently discovered a new malware family used by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft. Named MESSAGETAP, the tool was deployed by APT41 in a telecommunications network…
Tech Companies Seek India Govt’s Help For Solving Aadhaar-PF linking Issue of Employees
Aman Rawat reports that a breach I didn’t even know about last year has raised concerns about what tech companies are willing to do in terms of linking their employees’ provident fund (PF) account numbers to their Aadhaar identification number. PF accounts are compulsory, government-managed retirement savings accounts. So if the government requires employees’ Aadhaar…
SC: Prisma Health discloses third patient data breach in two months
Noah Feit reports: Patients and volunteers at several Midlands hospitals might have had their personal information exposed online, according to Prisma Health. The problem was discovered after a Prisma Health employee’s login credentials were compromised, said Tammie Epps, a spokeswoman for the largest hospital system in South Carolina. Read more on The State. I had…
Details for 1.3 million Indian payment cards put up for sale on Joker’s Stash
This site has reported on a number of data leaks and breaches in India. And as regular readers know, I now have a criminal complaint and a civil suit against me and this site in India because 1to1Help.net didn’t like me exposing their embarrassing data leak. There’s also an injunction issued by an Indian court…
‘C.L.O.U.D.’s On the Horizon: How Law Enforcement Electronic Data Requests Are Going Global
Christopher A. Ott of Davis Wright Tremaine writes: Companies storing or moving large quantities of digital information routinely encounter subpoenas, court orders and warrants from United States law enforcement for subscriber and related data and records. However, the realities of cybercrime and recent under-publicized diplomatic activities could dramatically increase the volume of incoming requests from…