From a newly released GAO report: Modern vehicles contain multiple interfaces—connections between the vehicle and external networks—that leave vehicle systems, including safety-critical systems, such as braking and steering, vulnerable to cyberattacks. Researchers have shown that these interfaces—if not properly secured—can be exploited through direct, physical access to a vehicle, as well as remotely through short-range…
Demand letter served on poll body over disastrous ‘Comeleak’ breach
There continues to be a lot of media coverage of the COMELEC breach in the Philippines. Here’s an interesting response. Carlos Nazareno reports: The Center for International Law Philippines (Centerlaw), a human rights legal group, delivered on Monday, April 25, a demand letter to the Commission on Elections (Comelec) over its possible failure to reasonably protect the…
Hacker With Victims in 100 Nations Gets 7 Years in Prison
Patricia Hurtado reports: An Estonian man who admitted directing what the U.S. called a massive “cybercriminal enterprise” that infected more than 4 million computers in 100 countries was sentenced to more than seven years in prison, the U.S. said. Vladimir Tsastsin, who was brought to the U.S. in 2014 for trial after fighting extradition for…
QNB, Al Jazeera, and other Qatar entities have their data leaked online
Doha News reports that clients of Qatar National Bank (QNB), employees at Al Jazeera Media Network, and even secret service agents have had what appears to be their details leaked. The names, phone numbers, bank passwords and other sensitive information of what appears to be a large number of Qatar National Bank (QNB) customers has…
Edwin Shaw employee loses unencrypted flash drive with 975 patients’ info
An anonymous site visitor kindly pointed me to this item that was in the Akron Beacon Journal last week: If you went to Akron General Edwin Shaw Rehabilitation hospital in 2010 or 2011, expect to receive a letter from hospital officials saying that some of your information may have been compromised. Officials said the data…
Minecraft Server Exposes Details of 7 Million Gamers
Catalin Cimpanu reports: It appears that details of over seven million Minecraft gamers were being sold on the Dark Web, Troy Hunt security researcher has revealed today on Twitter. The data belonged to users of the Lifeboat Minecraft community and included user details such as usernames, email addresses, and MD5-hashed passwords. Read more on Softpedia.