From Recorded Future: Key Takeaways Adobe Flash Player provided six of the top 10 vulnerabilities used by exploit kits in 2016. Since our 2015 ranking, Flash Player’s popularity with cyber criminals remains after increased Adobe security issue mitigation efforts. Vulnerabilities in Microsoft’s Internet Explorer, Windows, and Silverlight rounded out the top 10 vulnerabilities used by…
Category: Commentaries and Analyses
Ca: Staff at Nunavut hospital need more training to ensure patients’ privacy protected
Elyse Skura reports: A lack of leadership at the Qikiqtani General Hospital may be putting patients’ personal information at risk, says Nunavut’s Information and Privacy Commissioner. A new privacy audit at the territory’s only hospital revealed that no one is in charge of ensuring staff follow privacy regulations, there’s no standard system to track who is…
Eir warns broadband customers of modem security breach
BreakingNews.ie reports: Eir is warning costumers that its modems have been comprised in a security breach. It is understood at least 2,000 have been breached by a computer virus. Costumers are being advised to reset their devices after a security vulnerability identified on a “limited number” of Zyxel D100 and Zyxel P-660HN-T1A broadband modems. Read…
e-Wallets: No prescribed security standards under Indian e-wallet laws puts your financial data at risk
Asheeta Regidi reports: The government is pushing very strongly for a cashless society. After the demonetisation move, several initiatives have been seen to further encourage going cashless. The latest of these is the Ministry of Urban Development’s direction for all Urban Local Bodies to shift to e-payments. While cashless transactions are a convenience and the…
Sadly, SQL injection attacks never go out of style – or effectiveness
“Kapustkiy,” a self-described teenager who has been using SQL injection attacks on a number of government sites, today dumped some data from the National Assembly of Ecuador. There were 655 email addresses and passwords in his public paste, although the list contained some duplicates. As he has done in the past, and as he informed this site…
NaMo app non-hack is a small fry; tech security on govt apps is even worse
Srinivas Kodali writes: In the wee hours of December 1, 2016, Javed Khatri, a 22-year-old programmer (note: not a hacker) discovered a common security vulnerability/bug in the Narendra Modiapp. Khatri was able to access the personal information of every registered user of the application through this vulnerability. After sending out a tweet (below) to Modi to report…