Once again, information was left exposed on an unprotected server – this time by an affiliate of Meditab, a California maker of medical records software sold to doctors, pharmacies and hospitals. Researchers at SpiderSilk found that anyone could read in realtime unencrypted medical records, personal information, drug prescriptions, doctors’ notes and the like from faxes…
The parent company of Chinese e-retailing giant Gearbest has been operating a completely unsecured corporate database, leaving roughly 1.5 million customer records unencrypted and exposed to the public, a new report warns. Led by white-hat hacker Noam Rotem, researchers from VPNMentor revealed the security issue after discovering they were able to access Gearbest’s customer, order,…
Taking advantage of recent stolen credential dumps, attackers have been exploiting legacy protocols like IMAP to engage in high-volume password-spraying campaigns for the purpose of breaking into companies’ cloud accounts, researchers at Proofpoint are reporting. Used by email clients to retrieve messages from a server, IMAP (Internet Message Access Protocol) is an ideal protocol to…
Malicious bots account for about 30 percent of all traffic on the internet, Cequence Security CMO Franklyn Jones told SC Media Executive Editor Teri Robinson, which is why understanding underlying behavior is important.
Small businesses, which make up 99 percent of businesses globally and, on average, 70 percent, grapple with some of the same major cybersecurity challenges as large enterprises, only without the same resources. The Global Cyber Alliance (GCA) and Mastercard have teamed on a free Cybersecurity Toolkit aimed at helping smaller and medium-sized businesses. GCA President…
At 30 years old, the World Wide Web needs a little work when it comes to cybersecurity and other issues, its creator Tim Berners-Lee said Monday. Three sources of dysfunction must be addressed, Berners-Lee wrote in an open letter: “deliberate, malicious intent, such as state-sponsored hacking and attacks, criminal behaviour, and online harassment; system design…
Just three weeks ago the Department of the Navy boosted its planned reorganization that would create a new assistant secretary position to manage cyber, IT and data but at the end of last week Navy Secretary Richard Spencer seemed to indicate the Navy might scrap that position for the time being. To incorporate the Senate-confirmed…
Jackson County, Ga., is the latest ransomware victim to fork over a payment to its attackers in order to regain access to its encrypted files. The county government paid out $400,000 over the weekend to the attackers that struck on March 6 effectively taking down the municipal government computer network, including 911. County officials told…
Acting on a tip from the FBI, Citrix has investigated and confirmed that its network has been penetrated and data had been exfiltrated by an outside force. Neither the extent of nor the specifics of what has been removed has been determined, but in a statement Citrix said business documents have been accessed and downloaded…
The number of data breaches increased more than 400 percent in 2018 exposing almost 15 billion records, according to the identity intelligence company 4iQ. The company’s annual report confirmed 12,440 new breaches, a 424 percent increase compared to 2017, and of the 14.9 billion records compromised, 3.6 billion were confirmed real and exposed for the…
