From CERT.pl: During the SECURE conference, we presented a talk outlining actions performed by a group of criminals, which we have called “The Postal Group”. Their name is derived from the fact that they masquerade their phishing attacks as messages from the post office. This phishing then leads to either cryptolocker or a banking trojan….
Category: Commentaries and Analyses
US taxman slammed: Half of the IRS’s servers still run doomed Windows Server 2003
Kieren McCarthy reports: Half of America’s Internal Revenue Service’s (IRS) servers are running Windows Server 2003, despite extended support for it ending in July. That’s according to a report by the Treasury Inspector General that took a look at the IRS’ $139m upgrade program. The report is distinctly unimpressed and notes that the IRS “did not follow established policies…
Aadhaar encryption protects privacy, will take eons to crack
Mahendra Singh & Rajeev Deshpande report: The Aadhaar system’s data collection and storage is strongly protected by sophisticated encryption processes to ensure biometric data does not leak either through private contractors running enrollment centres or at the central data servers that store the details. […] The encryption uses highest available public key cryptography encryption (PKI-2048…
Lauri Love fights extradition to US for allegedly hacking U.S. govt agencies
Bethany Horne reports that as expected, Lauri Love will be fighting attempts to extradite him to the U.S. to face hacking charges. The US alleges Love is a “sophisticated computer hacker” loosely affiliated with the Anonymous hacker collective, and that he “secretly infiltrated” computer systems used by a long list of government agencies including the Federal Reserve,…
HK: Response to Media Enquiries: Personal Data Leakage Involving the Contactless Credit Cards
The following statement was issued by the The Office of the Privacy Commissioner for Personal Data for Hong Kong: (13 October 2015) The Office of the Privacy Commissioner for Personal Data (“PCPD”) expresses concern over the possible personal data leakage involving the contactless credit cards issued by banks and commences a compliance check on this issue….
UK: Hack attack probe Edinburgh council is under fire
Martin Hannan reports: Edinburgh City Council has been criticised by the Information Commissioner’s Office after an investigation into the way the country’s second-largest local authority deals with personal data. […] The most damning criticism of the council was that its lack of an information security manager or overarching information security policy was contrary to…