One of the things Brian Krebs and I seem to have in common is that you don’t want to have to send either of us a breach notification letter. Brian writes of his own recent experience with Cox, who wrote to him and 51 other customers: “On or about Aug. 13, 2014, “we learned that one…
Category: Commentaries and Analyses
Security Breach Puts Altegrity’s Integrity And Liquidity On The Line
Kate Marino reports: Hackers have claimed some high-profile corporate victims over the last year, with household names like Target and Home Depot typically reaping the lion’s share of media attention. Cyber attacks represent a growing threat to the business world, and their fallout could cost the global economy as much as $3 trillion by 2020, according to a McKinsey & Co….
Bash bug: Shell Shocked yet? You will be … when this goes WORM
Darren Pauli reports: Much of the impact of the Shell Shocked vulnerability is unknown and will surface in the coming months as researchers, admins and attackers (natch) find new avenues of exploitation. The vulnerability, coined Shell Shocked by researcher Robert Graham, existed in the Bash command interpreter up to version 4.3 and affected scores of servers,…
Operation Harkonnen Malware disguised as ‘harmless Adware’
Michael Shuff reports: Further details are emerging today of the methods used in the massive and long-lasting Operation Harkonnen cyber attack (‘Harkonnen Hack’) methodology that has allegedly exposed the data of 300 leading European organisations since 2003. The victims of the German gang thought to be responsible include banks, government organisations and major corporations, most…
Ca: Employer liability for privacy breaches by employees
Daniel Mayer writes: A class action was recently allowed to proceed in Ontario against a major bank after one of its employees admitted to accessing and disclosing to third parties confidential information of the bank’s customers. While this case is not a final decision as to whether the bank was actually liable for its employee’s…
Government itself tries to hack HealthCare.gov
Associated Press reports: The government’s own watchdogs tried to hack into HealthCare.gov earlier this year and found what they termed a critical vulnerability — but also came away with respect for some of the health insurance site’s security features. Those are among the conclusions of a report released today by the Health and Human Services…