Shoshanna Solomon reports: Even as Israel’s privacy and democracy watchdogs welcome a cybersecurity law that would help the nation fend off damaging attacks to its businesses and critical infrastructure, they are warning that a newly proposed law, now up for comments, is not beneficial to democracy. The proposal gives “too wide an authority without enough…
Restaurant chain PDQ says customers’ credit card info was hacked
Alfred Charles reports: PDQ, a fast-casual dining restaurant with several locations in the Triangle, is warning customers about a cyber attack on its computer systems in which hackers were able to access or acquire personal information from the chain’s customers who paid with credit cards. In a statement posted to the company’s website, the chain…
Apple comments on erroneous reports of iPhone brute force passcode hack
Rene Ritchie reports: Update: Apple has provided me with the following statement, which should close the door on speculation surrounding this purported exploit: “The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing” Yesterday, a security researcher reported on a possible brute-force passcode attack that affected iPhone…
Midwest City notifies residents of incident that affected numerous municipalities
Midwest City, Oklahoma reports that about 2,300 customers were potentially affected by a breach involving software needed to use Click2Gov. As Dark Reading recently explained: Risk Based Security’s Inga Goddijn noticed a pattern of Click2Gov, a product of Superion Software, appearing in breach notification letters. The notifications came from cities across the United States, which…
FBI Publishes its 2017 Internet Crime Report
Justin Hemmings of Alston & Bird writes: The FBI recently published its 2017 Internet Crime Report highlighting trends and statistics compiled by the FBI’s Internet Crime Complaint Center (“IC3”) during 2017. The report compiles data from a total of 301,580 complaints which reported losses of over $1.4 billion. In addition to an explanation of the…
Aadhaar Security Failure: Government Webpages Provide Unsecured Access To Demographic Authentication
Aria Thaker reports: In another exposure of Aadhaar’s cybersecurity weaknesses, over 70 subdomains under a Government of India website are providing access to demographic-authentication services without requiring identity verification from the requester. The websites allow users to access an application programming interface, or API, in which anyone can enter a person’s Aadhaar number, name, gender…