From the audit report, some background first: The Town contracts for IT services with an independent contractor. The contractor’s duties include performing all significant maintenance and hardware installations, and providing technical support and expert advice on the upgrade of the entire IT environment. The Town uses computerized applications to perform essential tasks including processing financial…
Category: Commentaries and Analyses
Hacker claims Madhya Pradesh varsity’s results can be altered
Vignesh Radhakrishnan reports: The websites of several leading varsities, including Devi Ahilya Vishwavidyalaya of Indore and Mumbai University, are vulnerable to hacking that can alter sensitive information stored on their databases, according to a white hat hacker. The white-hat or ethical hacker, who goes by the name Root_X_FlooD, contacted Hindustan Times and said the portal…
Data breach penalties gain overwhelming support from Australian IT: survey
Chris Player reports: Australian IT professionals are overwhelmingly supportive of penalties for company data breaches according to a new survey from security firm, Websense. The survey of 100 Australian security professionals found that 98 per cent of respondents believed that the law should address serious data breaches that expose consumers’ data loss. Of those, 59…
Universities and colleges: you’ve been warned
Every day, I see reports of SQLi vulnerabilities or cross-scripting vulnerabilities for university/college sites, and I wonder, “How many students and employees have personal information at risk because of this?” Consider this tweet from a self-described black hat hacker, @JM511: @amzh702 I’m tryin to fucked up any college or ESL or university as much as…
UK: Councils losing personal data four times a day: Tens of thousands affected by leaks of confidential information including medical records (updated)
Ian Drury reports on the results of a FOIA investigation by Big Brother Watch: Bungling councils have lost or wrongly shared the sensitive personal information of tens of thousands of people, a damning report reveals today. Officials breach data rules at least four times a day, often involving the confidential details – including medical records…
HTC caught storing fingerprints as clear-text images in “world readable” folder
Darren Pauli reports: Four FireEye researchers have found a way to steal fingerprints from Android phones packing biometric sensors such as the Samsung Galaxy S5 and the HTC One Max. The team found a forehead-slapping flaw in HTC One Max in which fingerprints are stored as an image file (dbgraw.bmp) in a open “world readable”…