Commentaries and Analyses – Page 538

Kromtech Security Center Releases Tool to Identify and Prevent Data Leaks for Amazon S3 Users

Posted on October 20, 2017 by Dissent

Since 2015, this site has been reporting on data leaks due to misconfigured databases or devices that are indexed on shodan.io or other specialized search engines. Many of the leaks I have reported on involve AWS S3 buckets. And despite the fact that Amazon has issued reminders and guidance to its customers about securing buckets,…

Protenus releases its Breach Barometer report for September

Posted on October 18, 2017 by Dissent

You can access their report here. Once again, we saw insider wrongdoing breaches taking a long time to discover. Hacking accounted for 50% of the 46 breaches we recorded for the month, and eight of the hacks also involved extortion demands. If you’re thinking, “That sounds like TheDarkOverlord,” give yourself a pat on the back….

UK: NHS data loss scandal deepens with further 162,000 files missing

Posted on October 18, 2017 by Dissent

Rajeev Syal and Denis Campbell report: The scandal over the biggest ever loss of NHS medical correspondence has deepened with the revelation that a further 162,000 documents went missing, in addition to the 702,000 pieces of paperwork already known to have gone astray. MPs said they were “dumbstruck” to learn that even more material relating…

Chase Brexton Health Care notifies more than 16,000 patients after phishing incident

Posted on October 17, 2017 by Dissent

Chase Brexton Health Care in Maryland recently notified 16,562 patients after four employees fell for a phishing attack. The phishing emails were sent on August 2 and 3, and by August 4, the attackers had re-routed employees’ paychecks. Of note, there was no evidence that the attackers were seeking – or ever accessed or viewed –…

New attack works against all WPA2 WiFi networks: Android & Linux most vulnerable, but iOS and macOS too

Posted on October 16, 2017 by Dissent

Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can…

Ransomware On The Rise: Dark Web Market Demand Up 2,500%

Posted on October 15, 2017 by Dissent

AJ Dellinger reports: The demand for ransomware attacks on dark web skyrocketed in the last year, with the marketplace showing a growth of more than 2,500 percent, according to a new report. United States-based cybersecurity company Carbon Black published a study titled “the Ransomware Economy” earlier this week that shows ransomware attacks are becoming increasingly…