Hakan Tanriverdi, Svea Eckert, Jan Strozyk, Maximilian Zierer, and Rebecca Ciesielski report: This investigation starts with a code: daa0 c7cb f4f0 fbcf d6d1. If you know what to look for, you’ll find Winnti. Hackers who have been spying on businesses all over the world for years. A group, presumably China-based, has honed in on Germany…
Category: Commentaries and Analyses
Health IT companies impacted by browser extension data leak: report
Heather Landi reports: Browser extensions, also known as add-ons or plug-ins, are commonly used by desktop Web surfers to do things ranging from blocking ads to remembering passwords to checking grammar. According to an independent security researcher, some extensions have been leaking and exposing browsing activity data, including patient names and health information from healthcare…
All clear? Server exposure from Illinois vendor with access to driver’s license data raises questions
Tina Sfondeles reports: A computer server of a vendor with city and state contracts to sell Illinois license plate stickers and Chicago vehicle stickers at currency exchanges was exposed to the Internet in May — although city and state officials insist there was no security breach. But that’s not enough for one Cook County watchdog,…
Here’s what data breaches are costing companies in 2019
Thomas Barrabi reports: The typical consumer data breach costs compromised businesses millions of dollars, with expenses rising exponentially for incidents on par with those that affected Equifax or Facebook in recent years, according to new research from IBM Security and Ponemon Institute. On a global scale, the average data breach exposes 25,575 sensitive consumer records and carries…
Vigilante Hacker ‘Phineas Fisher’ Denies Working for the Russian Government
Lorenzo Franceschi-Bichhierai reports: Four years ago, a vigilante hacker pulled off one of the most daring hacks of all time. The hacker, known as Phineas Fisher, broke into the servers of Hacking Team—one of the most hated companies in the cybersecurity world—and put all its data online. This was the equivalent of a museum robber…
Hackers breach 62 US colleges by exploiting ERP vulnerability
Catalin Cimpanu reports: Hackers have breached the systems of 62 colleges and universities by exploiting a vulnerability in an enterprise resource planning (ERP) web app, the US Department of Education said in a security alert sent out this week. The vulnerability is in Ellucian Banner Web Tailor, a module of the Ellucian Banner ERP that…