Commentaries and Analyses – Page 609

Flaws in Worldpay’s Merchant Portal Allow Attackers to Modify Payment Forms

Posted on April 12, 2016 by Dissent

Catalin Cimpanu reports: Vulnerabilities known as IODR (Insecure Direct Object References) were found and fixed in Worldpay, an online secure payments platform, security researcher Randy Westergren reports. An IODR vulnerability is when users have access to information they should not see, either because it belongs to another user or originates from an account with higher privileges. In…

Security flaws found in 3 state health insurance websites

Posted on April 7, 2016 by Dissent

AP reports: Federal investigators found significant cybersecurity weaknesses in the health insurance websites of California, Kentucky and Vermont that could enable hackers to get their hands on sensitive personal information about hundreds of thousands of people, The Associated Press has learned. And some of those flaws have yet to be fixed. Read more on Midland…

RESOURCE: Bryan Cave 2016 Data Breach Litigation Report

Posted on April 7, 2016 by Dissent

The law firm of Bryan Cave has issued its 2016 Data Breach Litigation Report. From their Executive Summary, some of their key findings: 83 cases were filed during the Period. This represents a nearly 25% decline in the quantity of cases filed as compared to the 2015 Data Breach Litigation Report (the “2015 Report”). When multiple filings against…

FBI: $2.3 Billion Lost to CEO Email Scams

Posted on April 7, 2016 by Dissent

While I keep updating my leetle list of entities disclosing their employees’ W-2 data has been phished, Brian Krebs reports that the FBI has issued an alert: The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss…

Everything’s broken….

Posted on April 7, 2016 by Dissent

So to review…. in the past four months or so, I’ve seen.. a database with 191 million U.S. voter registration records leaking… a database with 55 million Philippine voters that was hacked and dumped… a database with 50 million Turkish citizens’ identity information that was leaked.. information on expats and tourists in Thailand leaking online… Almost…

Ca: Co-workers irate after Powell River nurse who snooped in medical files gets job back

Posted on April 6, 2016 by Dissent

If you think it’s “excessive” to fire an employee for snooping in patients’ records, then you don’t get the importance of medical privacy. And for a union representing healthcare workers to try to claim that an employee shouldn’t be fired for repeated snooping just because others hadn’t been fired is, well…. disgraceful. What has happened…