Commentaries and Analyses – Page 529

How to Assess a Vendor’s Data Security

Posted on January 9, 2018 by Dissent

Cooper Quintin and Soraya Okuda of EFF collaborated with Jonah Sheridan of Information Ecology to come up with a helpful guide: Perhaps you’re an office manager tasked with setting up a new email system for your nonprofit, or maybe you’re a legal secretary for a small firm and you’ve been asked to choose an app…

Shoot/Sue the Messenger, Indian style: An Indian journalist exposed a huge breach in a government database. Now she’s facing a police complaint.

Posted on January 8, 2018 by Dissent

Vidhi Doshi reports: An Indian government agency has filed a police complaint against a journalist who exposed a possible security breach in the country’s vast biometric database that contains the personal details of more than 1 billion citizens, raising fresh concerns about shrinking press freedom in India. The complaint against journalist Rachna Khaira came after she wrote…

Shafer’s attorney files motion to dismiss federal charges of cyberstalking an FBI agent’s family and court personnel

Posted on January 3, 2018 by Dissent

I haven’t had time to really read this carefully yet, but Tor Ekeland has filed a motion to dismiss U.S. v. Shafer, a case that may leave you scratching your head and wondering why the government is devoting so many precious resources to persecuting and harassing one of the good guys. And for all this…

Hackers Go on a Magento Attack Spree Using a Helpdesk Extension

Posted on December 29, 2017 by Dissent

Rafia Shaikh reports: Cybercriminals are targeting Magento sites running Mirasvit Helpdesk – a popular helpdesk extension. The extension enables site owners to add a “Chat with us” widget on their Magento shops. Mirasvit was vulnerable to security flaws that affect every version of the extension up until version 1.5.2. Security firm WebShield had first published details about these security…

A tale of three leaks, Wednesday edition

Posted on December 27, 2017 by Dissent

On December 6, DataBreaches.net was contacted by researchers who requested help notifying two entities that they were exposing health information due to misconfigured AWS S3 buckets. They would turn out to be a delight to deal with, unlike a third entity that was also leaking information from a misconfigured S3 bucket. So let’s start with…

In November, I gave thanks for fewer breach reports

Posted on December 21, 2017 by Dissent

Protenus has released its monthly Breach Barometer, and the statistics for November were something to be thankful for – even if they turn out to be just a brief break from the crush of breach reports we’ve seen every month. As Protenus reports, there were 28 incidents first disclosed during November. We were able to…