Doug Olenick SC Media | Page 2 of 193

Doug Olenick

Online Editor

Most recent articles by Doug Olenick

Harmonization of the NIST framework for risk, security and privacy

Amidst rising concern around consumer data privacy, NIST is currently developing a data privacy framework that is similar in spirit to the popular Cybersecurity Framework (CSF). Like the CSF, the upcoming privacy Framework will be a close inter-collaboration between public and private sector stakeholders to create a gold-standard, voluntary framework. The great challenge will likely…

Facebook’s xSocialMedia ad agency exposes 150K medical histories

Multiple databases belonging to the Facebook ad agency xSocialMedia have been found open exposing almost 150,000 records containing a wide variety of medical information derived from marketing campaigns run for medical malpractice lawsuits. The files were found by vpnMentor on June 2, and which have since been secured. The exposed information was gathered through Facebook…

EatStreet data breach affecting diners, restaurants and delivery firms

The online food ordering and delivery service EatStreet informed its customers and partners that it suffered a data breach exposing a variety of personal data including payment card information. According to the California State Attorney General’s office, EatStreet sent letters to its diners, delivery and restaurant partners. In each letter the company noted that it…

Data breach forces AMCA’s parent firm to file Chapter 11 bankruptcy

The medical bill collection firm Retrieval-Masters Creditors Bureau Inc. has filed for Chapter 11 bankruptcy protection citing the fallout from a massive data breach that exposed the information of millions of patients. Retrieval-Masters Creditors Bureau Inc., which collects debts from medical labs under the name American Medical Collection Agency (AMCA) filed in the Southern District…

Should companies based in authoritarian countries be permitted to invest in sensitive areas of another country’s economy?

5G technology promises to be truly revolutionary. Not only will it make communications virtually instantaneous, but it has the potential to unlock the ‘Internet of Things’. 5G could connect super high-speed internet, with almost no time lag, to physical objects so that they can be remotely controlled or even work autonomously. This could include anything…

Instagram testing simpler method to retrieve hacked accounts

Instagram is in the process of making it easier for its users to recover hacked accounts. The Facebook-owned social media site today began testing an in-app method, essentially a two-factor authentication tool, that will be triggered either when Instagram notes the user is having trouble logging in or by the user clicking “need more help”…

ASCO Industries confirms ransomware attack

ASCO Industries has broken its silence regarding the cyberattack saying it has been hit with ransomware and has shut down activities at its facilities in Belgium, Canada, the United States and Germany. ASCO said it is on the receiving end of a massive ransomware attack that has caused a serious disruption to all its systems…

What can be done about the growing threat of spoofing?

Robocalls and “spoof” calls are much more than just annoyances. They’re also a lucrative underworld business that poses significant security and privacy threats to businesses and consumers. Between March 2017 and March 2018, nearly 25 million Americans lost almost $9 billion to scam phone calls. If any doubt remains how insidious the business is, just…

emailenvelopeicons_1216035

Exim vulnerability being exploited in the wild

Just one week after a previously patched vulnerability in Exim mail servers was disclosed by Qualys, attackers have begun searching out vulnerable Exim systems prompting the Cybersecurity and Infrastructure Security Agency (CISA) to encourage users to update their systems to the latest version. CISA reported the vulnerability CVE-2019-10149 was detected in exploits in the wild…

Mozilla, Google patch security issues in Thunderbird and Chrome

The Mozilla Foundation and Google released “high” rated security updates for Thunderbird and Chrome, respectively. The high-rated Thunderbird vulnerabilities patched in version 60.7.1 are CVE-2019-11703 and CVE-2017-11704 concern a heep buffer overflow in icalparser.c and another in Icalfvalue.c. The former flaw can cause a flaw in Thunderbird’s implementation of iCal causes a heap buffer overflow…

Next post in Vulnerabilities