Kirstie Newton reports: A trainee surgeon who was convicted of raping two women in Cornwall and Devon has also pleaded guilty to misusing patient records at hospital trusts. Salil Korambayil, aged 32, of Redhill in Surrey, attacked and raped two victims in their own homes after meeting them on social media. He denied three counts…
Category: Of Note
FTC Takes Action Against Security Camera Firm Verkada over Charges it Failed to Secure Videos, Other Personal Data and Violated CAN-SPAM Act
August 30, 2024 – The Federal Trade Commission will require security camera firm Verkada to develop and implement a comprehensive information security program to settle allegations the company failed to use appropriate information security practices, which allowed a hacker to access customers’ security cameras. Under a proposed order, which must be approved by a federal…
WazirX confirms 43% of customer funds unrecoverable following $230 million cyberattack, begins restructuring
Ouch. Rachna Dhanrajani reports: India’s cryptocurrency exchange WazirX, on Monday, revealed that 43% of customer funds lost in a recent cyberattack are unlikely to be recovered. In a virtual press conference, the exchange announced it is undergoing a restructuring process, which could take up to six months. They are also in discussions with a potential…
Franklin County judge grants city request to suppress cyber expert’s efforts to warn public
Did the First Amendment get rescinded in Franklin County, Ohio? What the heck is going on there? Bill Bush of The Columbus Dispatch reports: A Franklin County judge on Thursday granted the city of Columbus a temporary restraining order against a cybersecurity expert who has been telling the media about the public impact of the…
National Public Data Published Its Own Passwords
Brian Krebs reports: New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its…
Ransom campaign hits cloud servers
Catalin Cimpanu reports: A threat actor is hacking and extorting companies that have misconfigured their cloud server infrastructure. The data extortion campaign has been taking place since earlier this year and involves a large-scale scan of the internet for companies that have exposed their environment variable files. Also known as .ENV, these files act as…