Dan J. Martin reports: Details of a string of breaches of data protection laws by staff at Leicester City Council have been published. Information revealed by the authority outlines a series of errors by employees handling sensitive documents. Among the breaches were a series of letters posted to the wrong addresses, a form containing personal details falling…
Category: Commentaries and Analyses
Security of mobile health apps: it’s as bad as we thought
It’s a topic I’ve covered on this site before, and even though I generally don’t include infographics from commercial entities on this site, Arxan has one on the security of mobile health apps that is important to note. With their kind permission, I am reproducing it below. You can access the corresponding report on healthcare…
Trend Micro Flaw Would Have Allowed Hackers To Steal Your Passwords
Adnan Farooqui reports: It’s ironic when programs that are meant to protect you from attackers actually open up doors from them. One of Google’s information security engineers discovered a critical flaw in Trend Micro antivirus which would not only have allowed attackers to execute code remotely but would have even let them steal all of…
Simple Yet Effective eBay Bug Allowed Hackers to Steal Passwords
Swati Khandelwal writes that when MLT (@ret2libc on Twitter) responsibly notified eBay of a bug that would allow the theft of eBay users’ passwords via phishing, eBay ignored the problem – until the media came knocking for a statement. Read more on The Hacker News and read MLT’s blog post about the eBay flaw.
Privacy Class Actions are on the Rise in Canada
Ira Nishisato and Éloïse Gratton of Borden Ladner Gervais LLP write: There is a new trend in Canada towards privacy class actions being launched following a cybersecurity breach or an improper disclosure of personal information. Indeed, privacy class actions triggered by data breaches are growing in popularity in Canada, with between twenty and thirty privacy…
Texas Broadens Unauthorized Access of Computer Law to Specifically Address Insider Misuse
Shawn E. Tuma writes that Texas just amended its unauthorized access of computers law to specifically address misuse by insiders. Here’s a snippet from his detailed post: Nothing was removed from the prior version of the law; the following language in blue italics was added as Section 33.02 (b-1)(2) of the Texas Penal Code: It is a crime for a…