There were a number of year-in-review analyses for the healthcare sector, but now Protenus has released its report, which is based on analyses of 450 U.S. incidents first disclosed in 2016. The incidents were compiled by DataBreaches.net, who also provided some of the analyses. While some media outlets still headline external hacks where massive numbers of records…
Category: Commentaries and Analyses
D-Link fights back against ‘baseless’ data security lawsuit
Corinne Reichert reports: Cause of Action Institute has announced that it will be defending D-Link against the United States Federal Trade Commission (FTC)’s “unwarranted and baseless” lawsuit claiming that the technology company put thousands of customers at risk of unauthorised access by failing to secure its IP cameras and routers. The FTC should not be…
This Crazy Ransomware Restores Your Files If You Read About Ransomware
Lee Mathews writes: We’ve seen some pretty dastardly ransomware pop up over the past couple of years. Popcorn Time decrypts your files for free if you pass the infection on to your friends. Jigsaw deletes some of your files every hour until you pay up. The Koolova ransomware put a whole new spin on things. Like Popcorn…
Ransomware Has Evolved, And Its Name Is Doxware
Chris Ensey writes that as entities try to defend themselves better against ransomware, criminals have come up with a new twist to make it more likely for their victims to pay up: Many companies have figured out that they can avoid paying these ransoms by wiping a system clean, restoring it with backup drives, and…
Changing other people’s flight bookings is too easy
Lucian Constantin reports: The travel booking systems used by millions of people every day are woefully insecure and lack modern authentication methods. This allows attackers to easily modify other people’s reservations, cancel their flights and even use the refunds to book tickets for themselves, according a team of researchers who analyzed this online ecosystem. Karsten…
Topps’ payment card breach was just its latest data security incident
A number of sites have now reported on Topps‘ recent disclosure that on October 12, it became aware of unauthorized access to payment card information for customers using the topps.com website between July 30 and October 12. A copy of the sports card and memorabilia giant’s notification can be found on several state regulators’ sites but not, it seems…