Rosie Talaga reports: QuickBlox, a software development framework used in telemedicine and finance, was found to have several critical security flaws, according to a joint study from computer and network security research firms Check Point Research and Claroty Team82 published July 12. QuickBlox’s video and chat features are commonly used in mainstream telemedicine applications and platforms. The…
Category: Of Note
FTC investigates OpenAI over data leak and ChatGPT’s inaccuracy
Cat Zakrzewski reports: The Federal Trade Commission has opened an expansive investigation into OpenAI, probing whether the maker of the popular ChatGPT bot has run afoul of consumer protection laws by putting personal reputations and data at risk. The agency this week sent the San Francisco company a 20-page demand for records about how it…
Increased Truebot Activity Infects U.S. and Canada Based Networks
From CISA Release Date: July 06, 2023 Alert Code: AA23-187A SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) are releasing this joint Cybersecurity Advisory (CSA) in response to cyber threat actors leveraging newly…
Za: Information Regulator slaps Justice, Constitutional Development Department with R5m fine
IOL reports: The Department of Justice and Constitutional Development (DoJ&CD) has been ordered to pay a R5 million fine following its failure to comply with an Enforcement Notice after contravening the Protection of Personal Information Act (Popia). On May 9 the Information Regulator issued an Infringement Notice against the department for contravening various sections of…
I had been chatting with a blackhat. They had been working with a whitehat. We were both dealing with the same person.
On April 18, DataBreaches reported that more details had emerged on the arrest of three men by Dutch police in January. The three were suspected of hacking and extorting victims in the Netherlands and elsewhere, obtaining and selling data online, and money laundering. A fourth person linked to the suspects known as “DataBox” had previously…
Wells Notice Against SolarWinds CISO Could Be First of Its Kind
Com Sivesind writes: SolarWinds Corporation, which suffered a major breach of its Orion software platform in December 2020, submitted a U.S. Securities and Exchange Commission (SEC) filing on June 23rd, saying the enforcement staff of the SEC provided the company with a Wells Notice related to its investigation into the cyber incident. A Wells Notice is a…