Steven Melendez reports: A loophole in Facebook’s advertising targeting mechanism could have let attackers obtain users’ phone numbers after they visited websites the attackers controlled, a group of scientists revealed in a paper presented last week. Facebook, which awarded the researchers a $5,000 bug bounty, has since taken steps to thwart similar attacks, and neither…
Category: Commentaries and Analyses
Event: Fireside Chat: Chilling Effects on Security Research
By Center for Democracy & Technology DESCRIPTION For many years, security researchers, infosec experts, and hackers have faced negative consequences such as legal threats and prosecution for simply doing their jobs. These so-called “chilling effects” have reached near-mythical status, and the level of understanding of potential risks varies throughout the tech policy community. Please join…
Telangana BSNL employee database vulnerable to hacking: French researcher Robert Baptiste
Mithun MK reports: French cyber-security researcher Robert Baptiste has found that over 40 GB of sensitive data belonging to State-owned telecom company BSNL, containing names, passwords and mobile numbers of its 47,000 employees, was vulnerable to hacking due to security flaws in websites under the BSNL domain. A few of the websites were also under…
Delaware Valley School District reviews data breach prevention
This is somewhat encouraging to read. Katie Collins reports: A few policies currently in place that are being studied and possibly updated was the focus of the Delaware Valley School District’s February workshop. The Director of Curriculum and Technology Dr. Gina Vives reported that the greatest change amongst the policies was that of the “data…
Resource: 5 steps to get a handle on your practice’s cyber vulnerability
This free webinar, recorded in September, 2017, might be very helpful to small practices or solo practitioners who are feeling overwhelmed about how to start hardening their security to comply with HIPAA and to prevent attacks or breaches. From the AMA: A staggering 83 percent of physicians recently told AMA researchers that their practices have…
Verizon 2018 Protected Health Information Data Breach Report
From Verizon: We’ve re-examined the data within our Data Breach Investigations Report (DBIR) series (2016 and 2017) to focus in on the healthcare sector’s unique profile and security challenges, and particularly the use/abuse of protected health information (PHI). Our 2018 Protected Health Information Data Breach Report (PHIDBR) is underpinned by 1,368 incidents from this caseload…