Security Leftovers
-
Security updates for Wednesday [LWN.net]
Security updates have been issued by Fedora (chromium, ghostscript, glusterfs, netatalk, php-Smarty, and skopeo), Mageia (ghostscript, imagemagick, ipmitool, openssl, sudo, thunderbird, tigervnc/x11-server, and vim), Oracle (curl, haproxy, and postgresql), Red Hat (curl, haproxy, httpd:2.4, kernel, kernel-rt, kpatch-patch, and postgresql), Slackware (mozilla), SUSE (firefox), and Ubuntu (dotnet6, dotnet7, firefox, json-smart, linux-gcp, linux-intel-iotg, and sudo).
-
Over a Million Financial Records Exposed in Data Incident Involving Fintech Company
Cybersecurity researcher Jeremiah Fowler discovered and reported to WebsitePlanet a non-password protected database that contained a large number of PDF documents.
The PDF documents that were made public included invoices from both individuals and businesses who used an app to pay for products and services. The invoices contained names, email addresses and physical addresses, phone numbers, and more. In addition, the documents also included notes about what the payment was for, the total amount, due date, and some even contained tax information such as a tax id number.
Upon further research, it was identified that the database belonged to NorthOne Bank, a financial technology company that is used by over 320,000 American businesses (based on information on their website). It is worth noting that NorthOne is not a full service bank. Banking services to NorthOne Bank are provided by The Bancorp Bank, which is also a member of the Federal Deposit Insurance Corporation (FDIC), a government agency that provides deposit insurance to financial institutions. NorthOne Bank has offices in New York, USA and Toronto, Canada and its services are available throughout North America.
-
Looks like Karakurt is back… (Update 1)
And they have added two medical entities to their leak site today — Medicalodges in Kansas and Petaluma Health Center in California. They provide no proof for either claim, and neither entity has any notice on their respective sites about any incident, so for now, these are unconfirmed claims.
-
How the Federal Tort Claims Act Extricates Certain Health Care Providers From Data Breach Class Action Suits
Data breach class action litigation continues to occupy center stage in the ongoing struggle to secure compensation and redress for legitimate victims of actionable cybersecurity shortcomings of data owners. The underlying scenarios in these cases encompass criminal hacking episodes, rogue employees, carelessness and unforeseen material gaps in cybersecurity and patch management. The one-size-fits-all approach to typical class actions, however, frequently places health care providers at the mercy of the plaintiff class action bar, and courts may be reluctant to dismiss or meaningfully curtail these cases in the early phases. Yet hope may be on the horizon. For example, in a new wave of cases, certain federally funded community health centers have used the Federal Tort Claims Act as an avenue for substituting the United States as the proper defendant in data breach cases.
-
Push to ban ransomware payments following Australia’s biggest cyberattack
The Australian government is being pushed to ban the payment of cyber ransoms, usually demanded in cryptocurrency, following a local business suffering a mass data breach and subsequent ransom demand.
-
'Headlight Hackers' Are Stealing Cars Via CAN Interference
Car thieves have found a sophisticated new way to snatch vehicles off the streets, and it’s called “headlight hacking.” The method involves accessing a car’s Controller Area Network (CAN) bus, a system that allows multiple devices within a vehicle build to communicate with each other in real time.
Ian Tabor, an automotive cybersecurity researcher, first began tracking the trend last spring. Tabor woke up to find the front bumper missing from his Toyota RAV4 and the headlight wiring plug yanked out. A screwdriver mark indicated that the vandalism had been intentional. Three months later, Tabor found that someone had pulled the bumper away in the middle of the night to unplug the driver’s side headlight. Then, after three days, whoever had been playing the long game with Tabor’s car finished the deed: The RAV4 disappeared from the curb in front of Tabor’s home.
-
HHS Office for Civil Rights Announces the Expiration of COVID-19 Public Health Emergency HIPAA Notifications of Enforcement Discretion
Today, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announces that the Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act during the COVID-19 public health emergency will expire at 11:59 pm on May 11, 2023, due to the expiration of the COVID-19 public health emergency.
“OCR exercised HIPAA enforcement discretion throughout the COVID-19 public health emergency to support the health care sector and the public in responding to this pandemic,” said Melanie Fontes Rainer, OCR Director. “OCR is continuing to support the use of telehealth after the public health emergency by providing a transition period for health care providers to make any changes to their operations that are needed to provide telehealth in a private and secure manner in compliance with the HIPAA Rules.”