Ian Poh reports: Undeterred by the Government’s warning that it would deal with those who threaten to attack Singapore’s cyber infrastructure, a hacking enthusiast tested his skills on the Prime Minister’s Office (PMO) website. Mohammad Azhar Tahir, 28, was sentenced to two months’ jail on Monday for entering unauthorised computer code into the site on…
AliExpress WebSite Vulnerability Exposes Millions of Users’ Private Information (Updated)
The Hacker News reports: A critical, but easily exploitable personal information disclosure vulnerability has been discovered in the widely popular online marketplace AliExpress website that affects its millions of users worldwide.. […] Amitay Dan, an Israeli application security researcher working at Cybermoon.cc, reported the vulnerability to The Hacker News after providing full disclosure of the flaw to the AliExpress…
AU: AFP mistakenly names two people involved in criminal investigation
Paul Farrell reports: The Australian federal police have inadvertently disclosed the identity of two people involved in a criminal investigation, the second accidental publication of material about investigations this year. The identities of the two were disclosed in documents released by the AFP under freedom of information laws. Read more on The Guardian.
New detail emerges in NRAD data theft case
On December 4, after posting a press release from the D.A.’s office announcing the arrest of a physician for stealing PHI on 97,000 patients, I noted that we still had seen no statement about the physician’s possible motive. Now Marianne Kolbasuk McGee reports that the physician “told authorities that he accessed and copied the NRAD…
Liberian Facing 43 Years in Prison for Tax Fraud and Id Theft
Front Page Africa reports: In a pea (sic) appearance at Federal Court in Philadelphia on Wednesday, Gebah Kamara, a former worker at the Catholic Social Services pleaded guilty to all charges, including conspiracy to file false tax returns and theft. As prosecutors went to court armed with a mountain of evident (sic) against the Liberian…
Toward a Breach Canary for Data Brokers
It wouldn’t prevent breaches, but having data brokers incorporate dummy identities in databases (“canaries”) might make it easier to figure out when a data broker’s database has been compromised and when their stolen information goes up for sale on the underground, Brian Krebs writes. Getting Congress off the dime to do something about data brokers has…