Attacks, Threats, and Vulnerabilities
Ongoing Cyber Threats to U.S. Water and Wastewater Systems (CISA) This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) to highlight ongoing malicious cyber activity—by both known and unknown actors—targeting the information technology (IT) and operational technology (OT) networks, systems, and devices of U.S. Water and Wastewater Systems (WWS) Sector facilities. This activity—which includes attempts to compromise system integrity via unauthorized access—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities. Note: although cyber threats across critical infrastructure sectors are increasing, this advisory does not intend to indicate greater targeting of the WWS Sector versus others.
US government discloses more ransomware attacks on water plants (BleepingComputer) U.S. Water and Wastewater Systems (WWS) Sector facilities have been breached multiple times in ransomware attacks during the last two years according to a joint advisory published by US government agencies on Thursday.
CISA outlines cyberthreats targeting US water and wastewater systems (ZDNet) CISA listed multiple ransomware attacks on water facilities this year, including ones in California, Maine and Nevada.
U.S. authorities disclose ransomware attacks against water facilities (Reuters) U.S. authorities said on Thursday that four ransomware attacks had penetrated water and wastewater facilities in the past year, and they warned similar plants to check for signs of intrusions and take other precautions.
Three more ransomware attacks hit Water and Wastewater systems in 2021 (Security Affairs) A joint cybersecurity advisory published by US agencies revealed three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA revealed three more attacks launched by Ransomware gangs against US water and wastewater treatment facilities (WWS) this year. This is the first time that these attacks […]
US govt reveals three more ransomware attacks on water treatment plants this year (The Record by Recorded Future) Ransomware gangs have silently hit three US water and wastewater treatment facilities this year, in 2021, the US government said in a joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA.
New Yanluowang ransomware used in targeted attacks (Symantec) New arrival to the targeted ransomware scene appears to be still in development.
A Telegram Bot Told Iranian Hackers When They Got a Hit (Wired) APT35 may not be the most dangerous group out there, but they've got a new phishing trick.
Countering threats from Iran (Google) Google’s Threat Analysis Group tracks actors involved in disinformation campaigns, government backed hacking, and financially motivated abuse. We have a long-standing policy to send you a warning if we detect that your account is a target of government-backed phishing or malware attempts. So far in 2021, we’ve sent over 50,000 warnings, a nearly 33% increase from this time in 2020.
BlackByte Ransomware – Pt. 1 In-depth Analysis (Trustwave) During a recent malware incident response case, we encountered an interesting piece of ransomware that goes by the name of BlackByte.
A Handshake with MySQL Bots (Trustwave) It’s well known that we just don’t put services or devices on the edge of the Internet without strong purpose justification. Services, whether maintained by end-users or administrators, have a ton of security challenges. Databases belong to a group that often needs direct access to the Internet - no doubt that security requirements are a priority here.
BlackByte Ransomware – Pt 2. Code Obfuscation (Trustwave) In Part 1 of our BlackByte ransomware analysis, we covered the execution flow of the first stage JScript launcher, how we extracted BlackByte binary from the second stage DLL, the inner workings of the ransomware, and our decryptor code. In this blog, we will detail how we analyzed and de-obfuscated the JScript launcher, BlackByte’s code, and strings.
Explosive New MirrorBlast Campaign Targets Financial Companies (Morphisec) Morphisec Labs has tracked a new MirrorBlast campaign targeting financial companies.
The REBOL Yell: A New Novel REBOL Exploit (FRSecure) We recently discovered a novel REBOL exploit technique used for command-and-control. We've coined this the REBOL Yell. Read about the exploit and preventing it.
Acer confirms second cyberattack in 2021 after ransomware incident in March (ZDNet) Hackers breached the Taiwanese company's servers in India this week.
VirusTotal Shares Analysis of 80 Million Ransomware Samples (SecurityWeek) With 6,000 out of 30,000 observed clusters of activity, Google VirusTotal reports that GandCrab emerged as the most active ransomware family wreaking havoc on the Windows ecosystem.
Israeli Hospital Targeted in Ransomware Attack (SecurityWeek) An Israeli hospital was targeted Wednesday by a ransomware attack, officials said, with the state's cyber directorate calling it the first such attack on a hospital in the country.
A malware botnet has made more than $24.7 million since 2019 (The Record by Recorded Future) The operators of a malware botnet known as MyKings are believed to have made more than $24.7 million through what security researchers call a "clipboard hijacker."
Hackers Claim to Have Stolen 60 GB of Data From Acer (SecurityWeek) Hackers claim to have stolen 60 GB of data, including information on millions of customers, after breaching Acer India servers.
Britney Spears Was Spied On Through iCloud. Other Women Recount Similar Horrors. (Vice) “I felt like I had no control over my life. My phone became a weapon.”
Security Patches, Mitigations, and Software Updates
NFT Marketplace OpenSea Patches Flaw Potentially Leading to Cryptocurrency Theft (SecurityWeek) OpenSea, the world’s largest NFT marketplace, has addressed a security vulnerability that could have allowed hackers to hijack user accounts and empty their crypto wallets with the help of maliciously crafted NFTs
Siemens PROFINET DCP (Update U) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable from an adjacent network/low attack complexity
Vendor: Siemens
Equipment: Devices using the PROFINET Discovery and Configuration Protocol (DCP)
Vulnerabilities: Uncontrolled Resource Consumption
2.
Schneider Electric CNM (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Schneider Electric
Equipment: ConneXium Network Manager (CNM) Software
Vulnerability: Improper Privilege Management
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands.
Uffizio GPS Tracker (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Uffizio
Equipment: GPS Tracker
Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type, Open Redirect, Cross-site Scripting, Cross-site Request Forgery
2.
Mitsubishi Electric MELSEC iQ-R Series (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Mitsubishi Electric Corporation
Equipment: MELSEC iQ-R Series CPU Module
Vulnerability: Authorization Bypass Through User-controlled Key
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a remote attacker to be able to log in to the CPU module by obtaining credentials.
Siemens SINUMERIK (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SINUMERIK Controllers
Vulnerability: Heap-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an unauthenticated attacker, with network access to the affected devices, to cause system failure with total loss of availability.
Siemens SINEC NMS (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SINEC NMS network management software
Vulnerabilities: Improper Limitation of a Pathname to a Restricted Directory, Improper Authorization, Exposure of Sensitive Information to an Unauthorized Actor, Deserialization of Untrusted Data, Improper Neutralization of Special Elements used in an SQL Command
2.
Siemens Solid Edge (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Solid Edge, 3D CAD and solid modeling software
Vulnerabilities: Use After Free, Out-of-bounds Read, Access of Uninitialized Pointer
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could lead the application to crash or allow arbitrary code execution on the target host system.
Siemens SCALANCE (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SCALANCE
Vulnerabilities: Cross-site Request Forgery, OS Command Injection, Classic Buffer Overflow, Command Injection, Path Traversal, Missing Encryption of Sensitive Data
2.
Siemens RUGGEDCOM ROX Devices (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: RUGGEDCOM ROX
Vulnerability: Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an unauthenticated attacker to cause a permanent denial-of-service condition.
Siemens SIMATIC Process Historian (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIMATIC Process Historian
Vulnerability: Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could enable the execution of admin operations on the database.
Siemens RUGGEDCOM ROX (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: RUGGEDCOM ROX
--------- Begin Update A Part 1 of 2 ---------
Siemens SIPROTEC 5 relays (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIPROTEC 5 relays
Vulnerabilities: Classic Buffer Overflow
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-257-10 Siemens SIPROTEC 5 relays that was published September 14, 2021, to the ICS webpage on us-cert.cisa.gov.
Siemens SIPROTEC 5 (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIPROTEC 5
Vulnerability: Improper Input Validation
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-257-16 Siemens SIPROTEC 5 that was published September 14, 2021, to the ICS webpage on us-cert.cisa.gov.
Siemens PROFINET Devices (Update C) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: PROFINET Devices
Vulnerability: Allocation of Resources Without Limits or Throttling
2.
Siemens Linux-based Products (Update E) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.4
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: Linux based products
Vulnerability: Use of Insufficiently Random Values
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-21-131-03 Siemens Linux-based Products (Update D) that was published September 14, 2021, to the ICS webpage on us-cert.cisa.gov.
Siemens SIMATIC SmartVNC HMI WinCC Products (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: SIMATIC HMIs/WinCC Products
Vulnerabilities: Access of Memory Location After End of Buffer, Improper Handling of Exceptional Conditions, Improper Restriction of Operations within the Bounds of a Memory Buffer, Uncontrolled Resource Consumption
2.
Siemens SCALANCE W1750D (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SCALANCE W1750D
Vulnerabilities: Improper Authentication, Classic Buffer Overflow, Command Injection, Improper Input Validation, Race Condition, Cross-site Scripting, Basic XSS, Uncontrolled Resource Consumption
2.
Siemens PROFINET-IO Stack (Update F) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: Siemens PROFINET-IO Stack
Vulnerability: Uncontrolled Resource Consumption
Siemens Industrial Real-Time (IRT) Devices (Update F) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: Industrial Real-Time (IRT) Devices
Vulnerability: Improper Input Validation
2.
Siemens PROFINET Devices (Update K) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: PROFINET Devices
Vulnerability: Uncontrolled Resource Consumption
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-19-283-02 Siemens PROFINET Devices (Update J) published on June 8, 2021, to the ICS webpage on us-cert.cisa.gov.
Siemens SCALANCE X (Update C) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.4
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: SCALANCE X
Vulnerability: Expected Behavior Violation
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-19-085-01 Siemens SCALANCE X (Update B) that was published January 14, 2020, to the ICS webpage on us-cert.gov.
Siemens Industrial Products (Update S) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Remotely exploitable/low attack complexity
Vendor: Siemens
Equipment: Industrial Products
Vulnerability: Improper Input Validation
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-17-339-01 Siemens Industrial Products (Update R) published June 8, 2021, to the ICS webpage on us-cert.cisa.gov.
Trends
Top Attack Vectors: September 2021 (Expel) This report dives into the top attack vectors and trends among the incidents our SOC investigated in September 2021. Learn our key recommendations to protect your org from these types of attacks.
2021 State of Privacy and Security Awareness Report (KnowBe4) Knowledge may be power, but knowledge without action is useless. Today’s digital world is constantly pushing information to people; organizations are no different, subjecting employees to multiple policies, regulations, laws, and standards.
Hospitals Respond to Influx of Ransomware Attacks by Increasing Budgets (KnowBe4) The ransomware onslaught on hospitals and healthcare organizations is being seen as the catalyst for boards to shift operational priorities and put more focus on cybersecurity initiatives.
Securing the new workplace reality (Menlo Security) A report from Menlo Security highlights growing concerns about relying on traditional methods of protecting outside access to network applications and resources.
Human hacking increased as apps and browsers moved completely to the cloud (Help Net Security) Human hacking – phishing attacks across all digital channels – has dramatically increased in 2021, SlashNext has revealed.
Blue Hexagon - 451 Research Report - Blue Hexagon (Blue Hexagon) Cloud delivery work spans multiple teams – new cloud centers of excellence, cloud engineering teams within business units, and increased use of third-party services across the organization.
Marketplace
Air Force releases cyber and intel RFI (Intelligence Community News) On October 14, the U.S. Air Force posted a request for information (RFI) for A2 Cyber and Intel A&AS. Responses are due by 4:00 p.m. Eastern on October 29.
Cyber Insurance Firm At-Bay Announces $20 Million Series D Extension (SecurityWeek) At-Bay, the cyber insurance company that aims to reduce ransomware risk, this week announced a $20 million extension to its Series D funding round.
After Early Investors Flee SPAC Deals, Day Traders Rush In (Wall Street Journal) Day traders are targeting some companies that recently closed SPAC mergers, reinvigorating some of the meme-stock excitement that helped make such deals popular early in the year.
LinkedIn shuts up shop in China (Computing) Company cites 'significantly more challenging operating environment and greater compliance requirements' as reason for pulling out
Microsoft Folds LinkedIn Social-Media Service in China (Wall Street Journal) LinkedIn’s plans to shut down the version of its professional-networking site used in the country mark the end of the last major American social-media service operating openly there.
Optiv Accelerates Client Success with Innovation and Operational Excellence; Adds Two Industry Veterans to Executive Leadership (Optiv) Optiv names Cheryl VanVoorhees as Executive Vice President of Operations and Rocky DeStefano as Chief Technology Officer.
Products, Services, and Solutions
OPSWAT Launches Academy 3.0 to Enhance Critical Infrastructure Protection Expertise Among Cybersecurity Professionals (PR Newswire) OPSWAT, the global leader in Critical Infrastructure Protection (CIP), with cybersecurity solutions protection for both the IT and Operational...
RiskLens Announces New Managed Service to Help CISOs Measure Top Cyber Risks (GlobeNewswire News Room) RiskLens Pro simplifies critical risk analysis, reporting to quantify cyber risk and convey cybersecurity outcomes to businesses...
Okta Unveils Updated Availability for Okta Workflows as New Standalone Offering with Expanded Capabilities (Okta) Okta, Inc. (NASDAQ:OKTA), the leading independent identity provider, today announced the availability of Okta Workflow...
Okta Advances Customer Identity with Auth0 and New Okta Features (Okta) Okta, Inc. (NASDAQ: OKTA), the leading independent identity provider, today will announce continued growth and advance...
Auth0 Identity Platform Now Available on Microsoft Azure (Auth0 - Blog) New private cloud deployment option offers customers greater choice, scalability, and reliability
Elisity Strengthens TD SYNNEX Cybersecurity Offerings (BusinessWire) Elisity, Inc. today announced that TD SYNNEX will add Elisity’s Zero Trust Access platform to its cybersecurity portfolio.
Keysight’s IoT Security Assessment software offers automated cybersecurity validation of IoT devices (Help Net Security) Keysight Technologies has delivered a new IoT Security Assessment software solution that enables IoT chip and device manufacturers.
Darktrace Self-Learning AI Defends Organizations Across All 16 CISA Critical Infrastructure Sectors (Guru Focus)
Technologies, Techniques, and Standards
NIST seeks feedback on potential ‘moonshot’ of supply chain security project (Federal News Network) The agency says it doesn’t want to reinvent the wheel in developing an approach to securing the broad information and communications technology ecosystem.
Appointing a Data Protection Officer: 10 Common Mistakes (cyber/data/privacy insights) On the third anniversary of the General Data Protection Regulation, Cooley launched a series of webinars focused on the GDPR.
As set out in the GDPR, the data protection officer (DPO) plays a crucial role in the data privacy landscape, so our second webinar covers what we consider to be the 10 mo
Hacks and data breaches are all too common. Here’s what to do if you’re affected. (Washington Post) Avoiding hacks isn’t always possible, but there are ways to mitigate the damage
Tips for Crafting a Cyber Incident Response Plan (Legal Reader) With cyber attacks on the rise, many small business owners should be prepared to respond to cyber threats that may damage their business operations.
How a cyber-attack simulation could save your school's data (Education Technology) Schools really can't afford to be unaware of the convincing, elaborate and complicated cyber-attacks that may put their data at risk.
Defending Against CONTI Ransomware: Why CISA Urgently Recommends Segmentation (Techwire) Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory surrounding the ongoing wave of Conti ransomware attacks — a ransomware-as-a-service (RaaS) model variant known to have been behind more than…
How to adjust Instagram privacy settings for better cybersecurity (AZ Big Media) Instagram is a great app, but needs some fine tuning from your side in order to be optimally cyber secure. What does being cyber secure mean, though? Well, for the average person this is probably associated with some form of security, which is true. What the average person (someone that doesn’t dabble in advanced cybersecurity) needs to know is that you are not safe online if you don’t properly set up your device, system, ...
Academia
SES Expands Partnership with University of Luxembourg With Joint Lab (Via Satellite) SES is expanding its partnership with the University of Luxembourg to encompass more cybersecurity elements, the company announced Oct. 14. Together with the University of Luxembourg’s Interdisciplinary Centre for Security, Reliability and Trust (SnT), the two organizations will create a joint lab that will explore
IoT Hacking and Rickrolling My High School District (WhiteHoodHacker) This is the story of how I created a botnet of IPTVs to rickroll 10,000+ students for my senior prank.
Education sector suffers series of cyber attacks in 2021 (Open Access Government) David Cummins, Tenable, examines how universities are being targeted by a series of cyber attacks in 2021 and what they can do to protect themselves
Legislation, Policy, and Regulation
Biden administration holds meeting on ransomware threat with more than 30 nations and E.U. (Washington Post) Countries including India, Brazil and Ukraine agreed to work together to fight a form of cybercrime that has paralyzed computer systems from hospitals to pipelines.
White House Ransomware Summit Eyes Tighter Global Scrutiny for Crypto (Wall Street Journal) Officials from 31 countries and the EU say uneven enforcement allows hackers to cash in.
Ransomware rises as a national security threat as bigger targets fall (CNET) Governments around the world look for ways to fight back.
Enterprises ask Washington to step up cyber collaboration (SearchSecurity) Panelists at CISA's National Cybersecurity Summit discussed cyber collaboration efforts between the private sector and why it needs improvement.
Rising ransomware attacks have the Justice Department's attention (Washington Post) The Justice Department has partly centralized ransomware investigations, but experts want more consolidation
A former top US election official urges sweeping security improvements, warning 'democracy is in trouble' (CyberScoop) The Cybersecurity and Infrastructure Security Agency’s former lead election security official is recommending comprehensive changes to protect the ballot in future elections, from physical safety upgrades for election workers and federal agency revamps to mandated disclosure of cyber incidents.
Zero Trust: How to Secure American Elections When the Losers Won’t Accept They Lost (Stanford Internet Observatory) In this report, we outline three exigent threats to election processes following the events of the 2020 general election. Then, we provide 11 targeted recommendations to best address these threats ...
U.S. pursues a unique solution to fight hackers. It revolves around esports. (Washington Post) As the United States seeks to shore up its defenses against cyberattacks, the government is seeking to harness the skills of some of the country’s most promising young minds using a model that mirrors competitive video gaming, also known as esports.
China's Hackers to Showcase Zero-Day Exploits at Tianfu Cup (Flashpoint) At this weekend’s Tianfu Cup (天府杯) in Chengdu, some of China’s preeminent hackers will use original methods to break into the devices, software, platforms, and services of the world’s largest technology companies.
Federal Breach Notification Bills: Cybersecurity Pros Should Pay Attention (Dice Insights) Reporting of cybersecurity incidents is likely to speed up, either with the passage of federal law or steps by the Biden administration.
Litigation, Investigation, and Law Enforcement
Bugs in our Pockets: The Risks of Client-Side Scanning (Columbia University) Our increasing reliance on digital technology for personal, economic, and government affairs has made it essential to secure the communications and devices of private citizens, businesses, and governments. This has led to pervasive use of cryptography across society. Despite its evident advantages, law enforcement and national security agencies have argued that the spread of cryptography has hindered access to evidence and intelligence.
Missouri teachers’ Social Security numbers at risk on state agency’s website (Saint Louis Post-Dispatch) The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials.
Missouri governor vows criminal prosecution of reporter who found flaw in state website (Missouri Independent) Missouri's governor promises to seek prosecution of a reporter and news outlet that discovered a privacy flaw in a state website.
Missouri Gov. Parson targets St. Louis newspaper for prosecution after report on state’s security vulnerability (Kansas City Star) Missouri Gov. Mike Parson on Thursday announced he had referred the St. Louis Post-Dispatch and its reporters for criminal prosecution after the newspaper revealed a security vulnerability it discovered on a state agency’s website.
Missouri gov. calls journalist who found security flaw a “hacker,” threatens to sue (Ars Technica) Governor also threatens to sue paper for finding flaw that exposed teachers' SSNs.
Missouri governor threatens reporter who discovered state site spilling private info (The Verge) A masterclass in how not to handle disclosures.
A newspaper informed Missouri about a website flaw. The governor accused it of ‘hacking.’ (Washington Post) You are reading these words right now because your computer or phone was sent a number of files telling the device what words to display and how they should be formatted. One of those files included HTML, HyperText Markup Language, that uses tags such as <strong> and <a> to tell your browser how to bold or link words and images. It isn’t code, really, just text surrounded by little triggers that your browser knows how to interpret. Since your computer was sent this file, you’re free to look at it. If you’re on your desktop or laptop, find the “View source” command in the menu at the top of your screen. That’s this page’s source code, written in HTML.
Missouri governor faces backlash and ridicule for threatening reporter who discovered exposed teacher SSNs (ZDNet) Governor Mike Parson called a St. Louis Post-Dispatch reporter a "hacker" and threatened criminal prosecution because he notified state officials about a database that exposed the sensitive information of 100,000 educators.
Confused governor says looking at webpage's HTML is criminal hacking (Mashable) Putting on my hacker hoodie and clicking view source.
Missouri Governor Is Extremely Confused About What Constitutes 'Hacking' (Rolling Stone) A journalist found teachers’ Social Security numbers in a publicly available website’s source code and reported the error. Now, Gov. Mike Parson wants to … prosecute him
Police investigating cyberattack against dating app for wealthy users (The Korea Herald) The South Korean police are probing into a suspected hacking attack against a matchmaking app that led to a personal data leak. The police on Friday said the investigation has been underway since late September, after the GoldSpoon app, which has 130,000 users, found evidence of unauthorized access to its internal network. The GoldSpoon, a dating app designed for wealthy and high-income individuals, on Tuesda...
WSJ News Exclusive | Chinese Telecom Giant ZTE in Dispute With U.S. Court-Appointed Monitor (Wall Street Journal) A Dallas lawyer appointed to monitor ZTE’s compliance with export laws has been pushing for a longer term in ways the Justice Department sees as inappropriate, people familiar with the matter say.
Former Boeing Pilot Indicted in Probe of 737 MAX Crashes (Wall Street Journal) A federal grand jury in Texas indicted Mark A. Forkner, alleging that he deceived air-safety regulators about a flight-control system later blamed for sending two 737 MAX jets into fatal nosedives.
Facebook Should Clarify Terms of Service, Irish Privacy Regulator Says (Wall Street Journal) A draft ruling from Ireland’s privacy regulator would require Facebook Inc. to change how it informs users about its data processing but disregards complaints that the social-media giant needs to obtain direct consent for its activities.
Amazon challenges record $865 million EU data protection fine (mint) The challenge comes after CNPD, Luxembourg’s data protection regulator, where Amazon has its EU base, slapped the U.S. tech giant with the fine in July