Zack Whittaker reports: An internet advertising company specializing in helping law firms sign up potential clients has exposed close to 150,000 records from a database that was left unsecured. The database contained submissions as part of a lead-generation effort by X Social Media, a Florida-based ad firm that largely uses Facebook to advertise various campaigns…
Category: Commentaries and Analyses
Thanks to Equifax breach, 4 US agencies don’t properly verify your data, GAO finds
Alfred Ng reports: Multiple government agencies are relying on a security measure that can be easily bypassed thanks to massive breaches like the Equifax hack, the US Government Accountability Office has found. In a report released Friday, the government watchdog group found that the US Postal Service, the Department of Veterans Affairs, the Social Security…
CO: Hit by ransomware, Estes Park Health decides to pay the ransom to get decryption keys
Zach Clemens reports that Estes Park Health suffered a ransomware attack on June 2. No data was exfiltrated, but it was locked up, and after consulting with their cyberinsurer and IT people, they decided that they had to pay the ransom. “At that point in time we are looking at the patients we have internally,…
Authorities Arrest Three Suspected Admins of France’s Biggest Darkweb Market
Seen on d/darknetlive: On June 12, French law enforcement arrested the three suspected administrators of the French DeepWeb Market, the largest darkweb market in France. The administrators are facing charges in connection with the drug trafficking that took place on the site and several related crimes. Three people were detained on June 12 as part…
Critical Flaw in Evernote Add-On Exposed Sensitive Data of Millions
Sergiu Gatlan reports: A critical flaw in the Evernote Web Clipper Chrome extension could allow potential attackers to access users’ sensitive information from third party online services. “Due to Evernote’s widespread popularity, this issue had the potential of affecting its consumers and companies who use the extension – about 4,600,000 users at the time of…
SEC Issues Alert On Outsourcing and Data Security
Liisa Thomas, Sarah Aberg, Kari Rollins, and Katherine Boy Skipsey write: The SEC recently issued a risk alert warning about using vendors and cloud-based platforms. Many broker dealers and investment advisors are turning to these third parties to store customer data. In its alert, the SEC’s Office of Compliance Inspections and Examinations warns firms that…