The Commerce Department Tuesday renewed a temporary license that allows U.S. companies to sell their products to Huawei but blacklisted exporting products to 45 companies associated with the Chinese technology firm. Commerce Secretary Wilbur Ross justified the 90-day renewal in a release, saying that “more time is necessary to prevent any disruption.” In May, amid…
After information on 825,000 Delta Airlines customers was exposed and potentially stolen by at least one hacker in 2017, the airline has filed suit against chatbot vendor [24]7.ai, claiming poor security led to the breach. Delta also took aim at the vendor for waiting nearly six months to disclose the breach, according to the suit…
A wide-ranging ransomware attack has hit 23 government entities in Texas, most of them “smaller, local governments,” the Texas Department of Information Resources (DIR) confirmed Saturday. While the government won’t reveal the names of the organizations affected by the attack, which began Friday morning, the DIR said that state of Texas networks and systems weren’t…
Unauthorized third parties hacked European Central Bank (ECB) Banks’ Integrated Reporting Dictionary (BIRD) website, nicking email and other contact information on 481 subscribers and prompting the bank to shut down the website indefinitely. “The breach succeeded in injecting malware onto the external server to aid phishing activities,” the ECB said in a release, adding that…
SC Media’s 30 on 30 podcast looks at the issues and evolution characterizing the security industry over SC’s 30-year history. In this episode we talk to Steve Durbin, managing director of the Information Security Forum, which, coincidentally, is celebrating its own 30th anniversary this year.
While a U.S. District Court judge has rebuffed attempts to move Georgia’s fall municipal elections to paper ballots, she did order the state to replace its direct recording electronic (DRE) voting machines with paper ballot systems by its March 24 presidential primary. “The court prohibits any use of the GEMS/DRE system after 2019,” Judge Amy…
Adobe’s eight Patch Tuesday updates addressed a multitude of flaws – including 76 in Acrobat and Acrobat Reader that were rated important as well as several in Creative Cloud and Experience Manager rated critical. Successful exploitation of the Acrobat and Acrobat Reader vulnerabilities “could lead to arbitrary code execution in the context of the current…
A breach in a database of biometric security smart lock platform Suprema BioStar 2 exposed more than one million fingerprint records as well as facial recognition information and other sensitive data. The web-based system is used by the likes of the U.K. Metropolitan Police to control access to physical facilities and manage users permissions. Researchers…
Microsoft patched 93 vulnerabilities, including two BlueKeep-like remote code execution (RCE) flaws. The two flaws, CVE-2019-1181 and CVE-2019-1182, in Remote Desktop Services, are “wormable,” Simon Pope, director of incident response at the Microsoft Security Response Center (MSRC), wrote in a blog post, “meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without…
A breach that exposed personally identifiable information (PII) on 2.9 million Desjardins customers cost the Canadian credit union $53 million in Q2. To accommodate users whose information was breached when an employee insider used internal data without authorization, the lender accrued the cost of offering credit monitoring as well as identity theft insurance for five…
