Binayak Dasgupta reports: A cyber security firm said on Wednesday that it stumbled upon large parts of the government’s contact tracing app Aarogya Setu’s code and back-end components that could jeopardise the privacy of 150 million users after a government website appeared to have inadvertently uploaded log-in credentials used by the developers, triggering a war of words…
For six months, security researchers have secretly distributed an Emotet vaccine across the world
Catalin Cimpanu reports on a rare bit of good news on the malware front, although the threat actors appear to have gotten the upper hand again: In the cyber-security industry, there’s a very dangerous moral line when it comes to exploiting bugs in malware, a line many security companies won’t cross, fearing they might end…
Jack Daniel’s Manufacturer Was Target of Apparent Ransomware Attack
Jordan Robertson reports: Brown-Forman Corp., a manufacturer of alcoholic beverages including Jack Daniel’s and Finlandia, said it was hit by a cyber-attack in which some information, including employee data, may have been impacted. The company, which is based in Louisville, Kentucky, said in a statement it was able to prevent its systems from being encrypted,…
Texas Man Sentenced to 57 Months for Computer Hacking and Aggravated Identity Theft
From the U.S. Attorney’s Office, Northern District of New York, yesterday, an update on a previously reported case: ALBANY, NEW YORK –Tyler C. King, age 31, of Dallas, Texas, was sentenced today to 57 months in prison for computer fraud and aggravated identity theft in connection with his hacking of a New York-based technology company….
UK: Plymouth Passport Office’s pitiful password privacy
A blog post by Graham Cluley really resonated here this week. It begins: The Plymouth Herald reports on what appears to be an easy-to-avoid gaffe. An eagle-eyed passer-by spotted a password on clear display at Her Majesty’s Passport Office in Ebrington Street, scrawled on a flipchart leaning against an upper window. The paper contacted the UK Home Office,…
Medical records for cardiac patients left unsecured online
On August 2, a researcher contacted DataBreaches.net about a misconfigured Amazon s3 storage bucket they had discovered. The bucket contained more than 10,000 files, recently updated, with protected health information of patients seen by or involved with BioTel Heart cardiac data network. Sometimes it is easy to figure out the likely owner of an Amazon…