Information security
Hackers Leak French Hospital Patient Data in Ransom Fight | SecurityWeek.Com
Hackers who crippled a French hospital and stole a trove of data last month have released personal records of patients online, officials have confirmed.During last month's attack, the Corbeil-Essonnes hospital shut down its emergency services and sent many patients to other institutions.The problem has been acute in France, where officials estimated early last year that healthcare institutions were facing on average an attack every week.The cyberattackers demanded a multimillion dollar ransom from the Corbeil-Essonnes hospital near Paris a month ago, but the institution refused to pay.
Australia to overhaul privacy laws after massive data breach
Hackers managed to access a vast amount of potentially sensitive information on up to 9.8 million Optus customers - close to 40 percent of the Australian population.A post from the same person in a popular hacking forum claimed to offer the user data for sale for $150,000 and listed an extortion price of $1 million to keep the data private, to be paid in the Monero cryptocurrency.Following one of the biggest data breaches in Australian history, the government of Australia is planning to get stricter on requirements for disclosure of cyber attacks.
Should Hacking Have a Code of Conduct?
Which raises a question for the wider law-abiding hacking community: Should we have our own ethical code of conduct?This could be an exploitable unauthenticated RCE or SQLi, a malicious code execution, or sensitive data disclosure vulnerability.Now, don't get me wrong; this isn't a pat on the back for cybercriminals, but it does indicate that at least some professional code is being followed.Having a timestamped log of the activities performed, be it exploiting a system or scanning for malware, gives piece of mind to organizations by reminding them that hackers work with them, not against them.
Samsung Fails Consumers in Preventable Back-to-Back Data Breaches, According to Federal Lawsuit
Company unnecessarily collected consumers' personal data and failed to safeguard it, suit alleges, leading to two back-to-back data breaches.Represented by powerhouse public interest firm, Clarkson Law Firm, the Plaintiffs further allege that Samsung failed to take appropriate protective measures leading to two back-to-back data breaches.However, the lawsuit claims the tech giant's deficient security measures led to two data breaches and distribution of consumers' private, personal information.According to the lawsuit, Samsung disabled functions and features of its electronics like TVs and printers unless consumers submitted personal identification data like their home address and date of birth.
A Sprawling Bot Network Used Fake Porn to Fool Facebook
The team at Qurium was blocking up to 60,000 IP addresses a day from accessing Bulatlat's website.Lundström and his team found that the attack was just the start of it.Lundström and his team found that requests for pages on Bulatlat's website were actually coming from Facebook links disguised to look like links to pornography.WIRED contacted the email attached to the Facebook page for comment but did not receive a response.Qurium further traced the domain name to an email registered to a person called Mien Trung Vinh.