Jovan Johnson reports: Loose network and cybersecurity with the problem-plagued Hospital Information Management System (HIMS) that’s gobbling up millions in cost overruns has exposed to hackers thousands of patient data at the University Hospital of the West Indies (UHWI), a Sunday Gleaner investigation has found. Although Advanced Integrated Systems (AIS), which is implementing the project that’s four…
China’s New Law Requires Researchers to Report All Zero-Day Bugs to Government
Ravie Lakshmanan reports: The Cyberspace Administration of China (CAC) has issued new stricter vulnerability disclosures regulations that mandate security researchers uncovering critical flaws in computer systems to mandatorily disclose them first-hand to the government authorities within two days of filing a report. The “Regulations on the Management of Network Product Security Vulnerability” are expected to…
Nl: Leak at Covid testing company made it possible to fake results in CoronaCheck app
NL Times reports: Due to a major leak at the coronavirus testing company Testcoronanu, it was possible for anyone to create their own Covid vaccination or test certificate, RTL Nieuws reported on Sunday. Additionally, private details from about 60 thousand people who took a coronavirus test at this company had been leaked. The company is…
State audits of school district IT reveal why k-12 districts are sitting ducks for threat actors
On July 15, New York State Comptroller Thomas P. DiNapoli released the following school district audits. Clicking on the links will take you to the fuller reports, but even then, some things were so bad, it seems, that findings were told to the districts, but not put in writing in public reports that threat actors…
Ransomware attacks target Virginia Tech, no data believed stolen
Amy Friedenberger reports Virginia Tech was the target of two cyberattacks recently. The most recent attack was part of the Kaseya incident. An earlier attack in May reportedly involved an attempt to encrypt the university’s server. In neither case was there any evidence of data exfiltration. Read more on The Roanoke Times.
Ca: Revelstoke Mountaineer white-hat notification of data security issues causes City of Revelstoke to disable emergency notification system
Aaron Orlando reports: The City of Revelstoke has disabled its emergency notification system after revelstokemountaineer.com notified the city of data security issues with the system. The city’s opt-in emergency alert system sends emails or text messages to subscribers. The system notifies subscribers on a range of city communications, including emergency communications. Read more on revelstokemountaineer.com….