This is the second part of a look-back at 2016 and a commentary on why we need to analyze breaches differently if we really want to become more proactive in preventing them. Part 1 of this article can be found here). To recap Part 1: although headlines tend to scream “HACK!” (and irritatingly show us stock images of…
Category: Commentaries and Analyses
2016: Healthcare data breaches in review, Part 1
There were a number of year-in-review analyses for the healthcare sector, but now Protenus has released its report, which is based on analyses of 450 U.S. incidents first disclosed in 2016. The incidents were compiled by DataBreaches.net, who also provided some of the analyses. While some media outlets still headline external hacks where massive numbers of records…
D-Link fights back against ‘baseless’ data security lawsuit
Corinne Reichert reports: Cause of Action Institute has announced that it will be defending D-Link against the United States Federal Trade Commission (FTC)’s “unwarranted and baseless” lawsuit claiming that the technology company put thousands of customers at risk of unauthorised access by failing to secure its IP cameras and routers. The FTC should not be…
This Crazy Ransomware Restores Your Files If You Read About Ransomware
Lee Mathews writes: We’ve seen some pretty dastardly ransomware pop up over the past couple of years. Popcorn Time decrypts your files for free if you pass the infection on to your friends. Jigsaw deletes some of your files every hour until you pay up. The Koolova ransomware put a whole new spin on things. Like Popcorn…
Ransomware Has Evolved, And Its Name Is Doxware
Chris Ensey writes that as entities try to defend themselves better against ransomware, criminals have come up with a new twist to make it more likely for their victims to pay up: Many companies have figured out that they can avoid paying these ransoms by wiping a system clean, restoring it with backup drives, and…
Changing other people’s flight bookings is too easy
Lucian Constantin reports: The travel booking systems used by millions of people every day are woefully insecure and lack modern authentication methods. This allows attackers to easily modify other people’s reservations, cancel their flights and even use the refunds to book tickets for themselves, according a team of researchers who analyzed this online ecosystem. Karsten…