Ravie LakshmananRavie Lakshmanan Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. “These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an…
Websites exposing Aadhaar and PAN details blocked by India’s MeitY
Mint reports: The Government of India has blocked several websites that were found to be exposing sensitive personal information, including Aadhaar and PAN card details of Indian citizens. This action was taken by the Ministry of Electronics and Information Technology (MeitY). The Unique Identification Authority of India (UIDAI) has also filed an official complaint with…
AU: I-MED data breach exposes tens of thousands of patient files using details shared online for a year (1)
Cam Wilson reports: Tens of thousands of patients from Australia’s biggest medical imaging provider I-MED have had swaths of sensitive health and personal information exposed in a data breach using details that have been public for a year. This sounds like another case where a threat actor found credentials online. Crikey reports: In this case,…
Nightsleeper-style’ cyber attack hits 20 railway stations: Passengers logging on to public wi-fi at UK’s biggest transport hubs ‘are met with screen about terror attacks in Europe’
The Daily Mail reports: Nineteen major railway stations across Britain including ten in London have been hit by a major cyber attack impacting their public wi-fi systems for passengers. Network Rail confirmed London Euston, Manchester Piccadilly, Liverpool Lime Street, Birmingham New Street and Glasgow Central were among those impacted. British Transport Police launched an investigation after travellers logging into…
China’s ‘Salt Typhoon’ Cooks Up Cyberattacks on US ISPs
Tara Seals reports: A freshly discovered advanced persistent threat (APT) dubbed “Salt Typhoon” has reportedly infiltrated Internet service provider (ISP) networks in the US, looking to steal information and potentially set up a launchpad for disruptive attacks. Citing “people familiar with the matter,” the Wall Street Journal broke the news on Sept. 25 that the Chinese-sponsored state…
Star Health sues Telegram after hacker uses app’s chatbots to leak data
Reuters reports: Star Health has sued Telegram and a self-styled hacker after Reuters reported that the hacker was using chatbots on the messaging app to leak personal data and medical reports of policy holders. The lawsuit comes amid growing scrutiny of Telegram globally and the arrest of its founder Pavel Durov in France last month,…