A vulnerability in smartcard readers made by vendor Kobil allows intruders to install specially crafted firmware without opening the sealed housing. Attackers could exploit this to read PINs such as those used for digital document signatures or to display forged data on-screen. To prevent such intrusions from happening, smartcard readers are usually subjected to a…
Facebook dev move won’t stop rogue apps, say researchers
Gregg Keizer reports: Security researchers today said Facebook’s new requirement that developers link legitimate accounts to their software won’t stop rogue applications from infecting its users with adware. On Wednesday, Facebook announced that it will now demand that developers verify a Facebook account to create new apps on the service. “We’re taking this step to…
NL: Sensitive DoJ data published
From Karin Spaink‘s blog: Various web sites have published ‘documents containing sensitive data’ from the Department of Justice’s national penitentiary task force (Landelijke Bijzondere Bijstandseenheid), who are called in when there are problems in jails. The nature and the scope of the leak is unclear, but it seems that the documents contain information about the…
UK: Call for ban on physical transfer of digital files
Andrew Charlesworth reports: A complete ban on using physical media to transfer digital files has been called for in a recent report, which found that nearly one in five companies is still using couriers such as the postal system to send media containing large or sensitive files. This is despite the well-publicised data breach caused…
UK: Drug dealer who copied police files jailed and fined £1,250
Angus Howarth reports: A drug-dealing police worker caught with secret work documents at her home was jailed for over two years yesterday. Laura Young copied crime files and police reports while working at Grampian Police headquarters in Aberdeen. The 22-year-old even showed a confidential file to the person concerned in the report. She also obtained…
(update) 860,000 more Avmed members may have had IDs stolen
Bob LaMendola reports: An additional 860,000 Avmed members than originally thought may have had their identity data compromised when thieves stole two company laptops in December, officials said Thursday. The laptops contained social security numbers and other personal information for as many as 1.2 million Floridians with Avmed health insurance, the company and state Attorney…