Zeljka Zorz reports: Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and his team have found. According to Rotem, the server was not protected with a password and anyone could access it and search the data. Also, despite assurances from…
Mt Gox Bitcoin exchange’s Karpeles avoids jail time in Japan
Yuri Kageyama reports: Mark Karpeles, who headed Mt. Gox, a Tokyo-based bitcoin exchange that went bankrupt after a massive hacking, was found guilty Friday of manipulating electronic data but cleared of embezzlement and breach of trust charges. The Tokyo District Court handed down a prison sentence of two years and six months, suspended for four…
Are Bug Bounty Programs Worth It?
Julia R. Livingston and Craig A. Newman of Patterson Belknap write: Almost weekly, it seems there is another news article about a bug bounty program sponsored by a major corporation where an amateur hacker – often a teenager – is paid a sizeable sum of money for finding a bug in a company’s operating system…
‘Privacy Is Becoming a Luxury’: What Data Leaks Are Like for the Poor
Elizabeth Brico reports: When Jayne checked her email on the morning of February 13, she didn’t expect to find anything particularly exciting. The 34-year-old, who asked her real name be withheld out of fear that speaking out could affect her housing benefits, was enjoying a rare moment of relative peace on a snow day in…
US Healthcare institutions are vulnerable to phishing attacks: Survey
CISOMag reports on a recent survey and report, Assessment of Employee Susceptibility to Phishing Attacks at US Health Care Institutions, authored by Dr. William Gordon and colleagues. Not surprisingly, the survey found that the healthcare sector was susceptible to phishing attacks. How susceptible, you wonder? William specified that when the researchers sent simulated phishing emails,…
Lawmakers introduce bipartisan bill for ‘internet of things’ security standards
Jacqueline Thomsen reports: A bipartisan group of lawmakers on Monday unveiled legislation that would create cybersecurity standards for internet-connected devices, often known as the “internet of things.” The bill, introduced in the Senate by Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.) and in the House by Reps. Will Hurd (R-Texas) and Robin Kelly (D-Ill.),…