Zack Whittaker reports: A security research firm has released details of a “critical” flaw in a security tool, despite being threatened with legal threats. Munich-based ESNC published a security advisory last week detailing how a remotely exploitable bug in a security tool, developed by auditing and tax giant PwC, could allow an attacker to gain unauthorized access…
Category: Commentaries and Analyses
Netgear working to fix flaw that left thousands of devices open to attack
Steve Ragan reports: A remotely exploitable vulnerability in the Nighthawk line of Netgear routers was disclosed on Friday. The flaw leaves customers exposed to having their connections hijacked, as someone exploiting the vulnerability can take complete control of the device. Despite having months to address the problem, Netgear has yet to publish a fix. Read…
Oregon Department of Education risked breach of private student data, audits find
Betsy Hammond reports: Two separate audits found the Oregon Department of Education didn’t do enough to ensure that its huge cache of data on more than 600,000 students remains private. Hundreds of people in school districts and in state government have access to some or all of that data. That means keeping it safe is…
New Kit, Same Player: Top 10 Vulnerabilities Used by Exploit Kits in 2016
From Recorded Future: Key Takeaways Adobe Flash Player provided six of the top 10 vulnerabilities used by exploit kits in 2016. Since our 2015 ranking, Flash Player’s popularity with cyber criminals remains after increased Adobe security issue mitigation efforts. Vulnerabilities in Microsoft’s Internet Explorer, Windows, and Silverlight rounded out the top 10 vulnerabilities used by…
Ca: Staff at Nunavut hospital need more training to ensure patients’ privacy protected
Elyse Skura reports: A lack of leadership at the Qikiqtani General Hospital may be putting patients’ personal information at risk, says Nunavut’s Information and Privacy Commissioner. A new privacy audit at the territory’s only hospital revealed that no one is in charge of ensuring staff follow privacy regulations, there’s no standard system to track who is…
Eir warns broadband customers of modem security breach
BreakingNews.ie reports: Eir is warning costumers that its modems have been comprised in a security breach. It is understood at least 2,000 have been breached by a computer virus. Costumers are being advised to reset their devices after a security vulnerability identified on a “limited number” of Zyxel D100 and Zyxel P-660HN-T1A broadband modems. Read…