We spent a good amount of time in the cybersecurity forum today talking about the Equifax breach. Here’s a summary of some of their key failures, reported by Josh Fruhlinger and based on A U.S. General Accounting Office’s report, and an in-depth analysis from Bloomberg Businessweek. Here are just two of the findings, as reported by Fruhlinger:…
Report: MCMC ends contract with company after massive 2017 phone data leak
Azril Annuar reports: The Malaysian Communications and Multimedia Commission (MCMC) has terminated the services of a firm hired back in 2017 to protect the personal data of mobile phone users. Thus comes after the personal data of the users, including details such as MyKad numbers were reportedly leaked by the same company. Online portal Malaysiakini reported that…
Mum ‘realises any fingerprint can unlock her Samsung’ with eBay screen protector
Shivali Best reports: A mum in West Yorkshire says she was shocked to discover any fingerprint could unlock her Samsung smartphone after she’d fitted a £2.70 screen protector . Lisa Neilson, 34, from Castleford, bought the cover from eBay in the hopes of protecting her Galaxy S10 smartphone. However, once she’d set up her right and left thumb prints to unlock the smartphone,…
ANNOUNCE: Trying to build your resume as an ethical researcher and whitehat? Now there’s some help for you.
I won’t have much time to update news over the next few days while I am in Washington DC for the Privacy and Security Forum, but I just couldn’t wait until I got back to share what I hope is encouraging news for some of you. I know that there are a number of young…
When Test Data is Not Test Data
Jeremiah Fowler of Security Discovery tackles a common problem researchers and journalists experience all too frequently: There is a growing trend among organizations and companies to simply deny that live production data is real. As a security researcher I often hear that everyone is a small start-up and all data is test data, or it…
TX: Hunt Memorial Hospital District notifies additional patients about May 2018 breach
Brad Kellar of the Herald-Banner reports: The Hunt Memorial Hospital District released an update regarding a criminal cyber attack which was discovered against the district earlier this year, warning more of the district’s patients may have been impacted. […] According to the release, the cyber attack occurred in May 2018 “during which hackers gained access…