Vignesh Radhakrishnan reports: The websites of several leading varsities, including Devi Ahilya Vishwavidyalaya of Indore and Mumbai University, are vulnerable to hacking that can alter sensitive information stored on their databases, according to a white hat hacker. The white-hat or ethical hacker, who goes by the name Root_X_FlooD, contacted Hindustan Times and said the portal…
Category: Commentaries and Analyses
Data breach penalties gain overwhelming support from Australian IT: survey
Chris Player reports: Australian IT professionals are overwhelmingly supportive of penalties for company data breaches according to a new survey from security firm, Websense. The survey of 100 Australian security professionals found that 98 per cent of respondents believed that the law should address serious data breaches that expose consumers’ data loss. Of those, 59…
Universities and colleges: you’ve been warned
Every day, I see reports of SQLi vulnerabilities or cross-scripting vulnerabilities for university/college sites, and I wonder, “How many students and employees have personal information at risk because of this?” Consider this tweet from a self-described black hat hacker, @JM511: @amzh702 I’m tryin to fucked up any college or ESL or university as much as…
UK: Councils losing personal data four times a day: Tens of thousands affected by leaks of confidential information including medical records (updated)
Ian Drury reports on the results of a FOIA investigation by Big Brother Watch: Bungling councils have lost or wrongly shared the sensitive personal information of tens of thousands of people, a damning report reveals today. Officials breach data rules at least four times a day, often involving the confidential details – including medical records…
HTC caught storing fingerprints as clear-text images in “world readable” folder
Darren Pauli reports: Four FireEye researchers have found a way to steal fingerprints from Android phones packing biometric sensors such as the Samsung Galaxy S5 and the HTC One Max. The team found a forehead-slapping flaw in HTC One Max in which fingerprints are stored as an image file (dbgraw.bmp) in a open “world readable”…
Cheatin’ Ain’t Easy: Potential Theories of Liability Emerge for Online Cheating Website Ashley Madison
Joseph F. Welborn III discusses possible theories of liability for lawsuits against Ashley Madison in the wake of its massive databreach. He writes, in part: One interesting theory of liability comes from an old common law tort that has been phased out legislatively in all but seven states – alienation of affections. In fact, this…