Adnan Farooqui reports: It’s ironic when programs that are meant to protect you from attackers actually open up doors from them. One of Google’s information security engineers discovered a critical flaw in Trend Micro antivirus which would not only have allowed attackers to execute code remotely but would have even let them steal all of…
Dell denies any breach, but scammers are in possession of your service tag numbers?
“A number of Dell customers claim to have been contacted by scammers who had access to specific customer information that should have only been available to Dell. The company says it hasn’t been hacked but won’t offer an explanation for the seemingly stolen data.” Well, that doesn’t sound good. Read Bill Snyder’s report on CIO. It…
AU: Google search puts NSW Medical Council on the wrong side of privacy laws
Paris Cowan reports: A NSW tribunal has ruled that the state’s Medical Council breached privacy laws when it published what it thought was a redacted PDF document on its website, but in doing so revealed the hidden identities of a doctor and her son to Google’s web crawling bot. In April, the NSW Civil and…
Europol confirms raid against DDoS extortion ring DD4BC, one arrest
Steve Ragan picked up on a press release from Europol. He reports: A press statement from Europol says that in December, law enforcement officials in Austria, Bosnia and Herzegovina, Germany, and the U.K. raided two people in an ongoing investigation against the extortion group DD4BC. DD4BC, or DDoS 4 Bitcoin, has generated a good deal…
Simple Yet Effective eBay Bug Allowed Hackers to Steal Passwords
Swati Khandelwal writes that when MLT (@ret2libc on Twitter) responsibly notified eBay of a bug that would allow the theft of eBay users’ passwords via phishing, eBay ignored the problem – until the media came knocking for a statement. Read more on The Hacker News and read MLT’s blog post about the eBay flaw.
Privacy Class Actions are on the Rise in Canada
Ira Nishisato and Éloïse Gratton of Borden Ladner Gervais LLP write: There is a new trend in Canada towards privacy class actions being launched following a cybersecurity breach or an improper disclosure of personal information. Indeed, privacy class actions triggered by data breaches are growing in popularity in Canada, with between twenty and thirty privacy…