Larry Jaffee, Author at SC Media

Larry Jaffee

Most recent articles by Larry Jaffee

facebook

Facebook’s European dating service held up over data protection, privacy concerns

After Facebook was stopped from launching a dating service in Europe on Feb. 13, infosec experts are left wondering if the social media network had learned anything from the Cambridge Analytica debacle in 2018 or the platform’s other data privacy transgressions. The EU found Facebook committed data protection violations within the forthcoming service, such as…

Huawei responds to allegations of NSA hacking

Justice Dept. expands Huawei indictment, charging 5G espionage

The U.S. government expanded its year-old lawsuit against Chinese tech firm Huawei, alleging the company conducted cyber espionage on six American competitors in an attempt to steal trade secrets to gain an unfair advantage. Filed in the federal court’s Southern District in Brooklyn, the indictment charges that Huawei’s activities violated racketeering laws by illegally gaining…

French plastic surgery image repository left vulnerable but since corrected: report

The before and after photos of thousands of plastic surgery patients in Europe were recently left vulnerable but since rectified, researchers at vpnMentor wrote in a blog post. The researchers, led by Noam Rotem and Ran Locar, discovered on Jan. 24 that NextMotion did not secure or encrypt the body images and PII of people…

Facial recognition tech questioned, defended at House committee hearing

The controversy over usage of facial recognition technology took center stage last week in Washington, D.C., as the House of Representatives’ Homeland Security Committee held a two-hour hearing, as opponents in the debate decry its racial bias and federal government’s quick rollout at U.S. airports without fully testing or acknowledging proven shortcomings. In his opening…

Ashley Madison

Ashley Madison breach victims further embarrassed by ransom demands five years later

Five years after a high-profile data breach of an infidelity website where users could meet to start an extramarital affair, users of Ashley Madison are now increasingly finding themselves victimized by extortion plots to pay about $1,000 in bitcoins to save them further embarrassment. The current scheme, uncovered by Vade Secure threat analyst Damien Alexandre,…

Indian airline hacked, vulnerability exposed by ethical hacker

An apparent data breach of Indian airline SpiceJet calls into question white-hat tactics to expose network vulnerabilities and protocol. The airline’s hack, compromising the data of more than 1.2 million passengers, including Indian government officials, was first reported by TechCrunch, which learned of the incident through an unnamed security researcher, who referred to his actions…

Three GozNym members sentenced domestically, internationally

A three-year-old investigation and prosecution of cybercriminals aligned with the multinational GozNym network resulted last week in the sentencing of a Bulgaria resident in a Pittsburgh federal court. In a related action, a Tbilisi, Georgia court handed down prison sentences of seven and nine years to two Georgian members of the group, following a lengthy trial. In…

Drupal’s Archive Tar patches multiple crititical vulnerabilities

Drupal Core announced multiple critical vulnerabilities that impact some of its configurations for versions: 8.8.x-dev, 8.7.x-dev, and 7.x-dev. The Drupal project uses the third-party library Archive_Tar, which released a security update – SA-CORE-2019-012, according to a Dec. 18 advisory. Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2 or .tlz file uploads and processes them. The latest versions…

Next post in Vulnerabilities