Commentaries and Analyses – Page 542

New attack works against all WPA2 WiFi networks: Android & Linux most vulnerable, but iOS and macOS too

Posted on October 16, 2017 by Dissent

Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can…

Ransomware On The Rise: Dark Web Market Demand Up 2,500%

Posted on October 15, 2017 by Dissent

AJ Dellinger reports: The demand for ransomware attacks on dark web skyrocketed in the last year, with the marketplace showing a growth of more than 2,500 percent, according to a new report. United States-based cybersecurity company Carbon Black published a study titled “the Ransomware Economy” earlier this week that shows ransomware attacks are becoming increasingly…

Cloudy with a chance of PHI leaks

Posted on October 12, 2017 by Dissent

Maybe we should do this one as a “write your own headline” exercise. Earlier this week, Kromtech Security reported that they had uncovered yet another improperly secured AWS S3 bucket that was exposing protected health information. The company that was responsible for the collection of the home monitoring data, Patient Home Monitoring, was exposing what…

No holds barred? TheDarkOverlord threatens students with physical violence to send FBI a message to back off

Posted on October 7, 2017 by Dissent

DataBreaches.net has been reporting on TheDarkOverlord (TDO) since they first burst on the scene in June, 2016. Since then, this site has reported on numerous attacks by them on health care entities, financial and business entities, a Hollywood post-production studio, and a defense contractor. Now they have begun to target the education sector, and an official at the…

Office of the Australian Information Commissioner seeks your comment

Posted on September 29, 2017 by Dissent

Notifiable Data Breaches We are currently seeking public comment on the following draft resources: What to include in an eligible data breach statement Notifiable Data Breach statement Exceptions to notification obligations Guide to OAIC Privacy Regulatory Action – Chapter 9: Data breach incidents Assessing a suspected data breach Please provide any comments by 23 October…

Firewalls Don’t Stop Hackers. AI Might.

Posted on September 27, 2017 by Dissent

Scott Rosenberg reports: The cybersecurity industry has always had a fortress mentality: Firewall the perimeter! Harden the system! But that mindset has failed—miserably, as each new headline-generating hack reminds us. Even if you do patch all your software, the way Equifax didn’t, or you randomize all your passwords, the way most of us don’t, bad…