According to The Register, Joe Sullivan, Uber’s former chief security officer, has been found guilty of illegally covering up the theft of Uber drivers and customers’ personal information. Sullivan, who had previously worked as a cybercrime prosecutor for the US Department of Justice, was accused of obstructing justice and misprision, which is the concealment of a felony from law enforcement, two years ago. On both charges, he was found guilty today.On November 21, 2017, Uber CEO Dara Khosrowshahi released a statement admitting that adversaries had entered into the infrastructure of the app behemoth in late 2016 and stolen 57 million…
ISBuzz Team
It has been reported that one of the largest non-profit healthcare providers in the US has been hit by a suspected ransomware attack which has already impacted multiple locations around the country. CommonSpirit claims to run over 1000 sites and 140 hospitals in 21 states. In a brief message yesterday it said it had “identified an IT security issue” affecting some facilities. The full story can be found here: https://www.infosecurity-magazine.com/news/us-healthcare-giant-commonspirit/
CISA Director Jen Easterly announced a new Binding Operational Directive (BOD 23-01) on Monday requiring all Federal civilian agencies to report detailed data about vulnerabilities to CISA at timed intervals using automated tools. “We have said consistently that we are on an urgent path to gain visibility into risks facing federal civilian networks. This is a movement essentially to allow CISA, in its role as operational lead for federal cybersecurity, to manage federal cybersecurity as an enterprise.” Following are a few of the stringent reporting requirements required under BOD 23-01 that begin in April 2023. By April 3, 2023, all…
Following the news that: Telstra is rocked by a data breach with hackers gaining access to staff info. Telstra is rocked by a data breach with hackers gaining access to staff info (msn.com)
As more and more businesses move their operations online due to digital transformation, the need for securing becomes more pressing. Namely, many companies do their best to secure their cloud from data breaches and malicious insiders, yet often overlook application security. However, the truth is that application security is just as, if not more important than other types of security. Namely, applications nowadays receive more attacks than ever, precisely because attackers have learned that application security isn’t the focus of most companies. Although apps are often the target of attacks, this doesn’t mean that application security is difficult to implement.…
Cyber group RansonEXX took responsibility for stealing the company’s information, Italian newspaper Corriere della Sera said. They claim the hackers have leaked 7GB of data, including internal documents, technical sheets, repair instructions, and other documents. According to Reuters: MILAN, Oct 3 (Reuters) – Ferrari (RACE.MI) said on Monday some internal documents had been posted online and the luxury sports carmaker was working to identify how this had happened. It will implement all the appropriate actions as needed, it said in an emailed statement. Ferrari documents were stolen previously when the cybergang Everest hit Speroni spa, a company that supplies components for sports cars…
It has been reported that banks and building societies will have stronger incentives to prevent scams happening in the first place, as well as having to reimburse victims who have been tricked into transferring money to a fraudster, under a regulator’s proposals. The Payment Systems Regulator (PSR) has published a consultation to usher in greater consumer protections from authorised push payment (APP) scam losses. Kate Fitzgerald, interim head of policy at the PSR, told the PA news agency that the plans would ensure a more consistent approach for customers, “levelling the playing field”.
Humana disclosed a third-party data breach by Choice Health that impacted 22,767 patients. Humana is the third largest health insurance provider in the nation. Choice Health sells Medicare products on Humana’s behalf. The company has confirmed that a Choice Health database was exposed to the internet due to a security misconfiguration caused by a third-party service provider. The attackers accessed the database and obtained certain files on May 7, including names, Social Security numbers, dates of birth, addresses, health insurance information, contact information, and Medicare beneficiary identification numbers. Humana also experienced a 3rd party breach last year, when PracticeMax, a…
Despite Increased Investment in Bot Mitigation, Annual Report Shows Companies Continue to Struggle with Bot Attacks Kasada, provider of the most effective and easiest way to defend against advanced bot attacks, today released its annual report on the state of bot mitigation and automated fraud. The 2022 State of Bot Mitigation Report is based on the findings of organizations that are already using anti-bot solutions and compares results against last year’s report. The company’s annual report shows that revenue loss from bot-driven account fraud and web scraping continues to skyrocket, despite companies spending more on bot mitigation solutions every year.…