Security Leftovers
-
The Philadelphia Inquirer ☛ ‘Data security event’ in city’s email system may have exposed health information, Philly officials say
A potential data breach in the City of Philadelphia’s email system earlier this year may have exposed protected health information for an unspecified number of people.
The city became aware on May 24 of suspicious activity in its email system, officials said in a statement Friday. Between May 25 and July 29, an unauthorized user may have gained access to city email accounts that possibly contained protected health information, cybersecurity specialists determined in an investigation that remains ongoing.
-
Bloomberg ☛ Top US Cyber Agency Pushing Toward First [Crack] Reporting Rule
A new US notification requirement for victims of malicious hacks could push in-house counsel to disclose cyberattacks when faced with ransomware and other network compromises.
Among the first-ever cyber regulations to be enforced by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the top US cyber authority, the proposed rules would require companies in 16 critical infrastructure sectors—including healthcare, energy, and finance—to report security incidents within three days and ransomware payments in 24 hours.
CISA’s proposed rule is part of a US effort to shore up defenses against the increasingly disruptive attacks of cyber criminals and nation-backed hacking groups, while simultaneously streamlining overlapping and inconsistent breach-notification reporting requirements across sectors. The rule would nudge companies toward new hiring and staff retraining, and push general counsel toward more active cybersecurity responsibilities.
-
New York Times ☛ The Race to Avert Quantum Computing Threat With New Encryption Standards
Quantum technology could compromise our encryption systems. Can America replace them before it’s too late?
-
SANS ☛ base64dump.py Handles More Encodings Than Just BASE64, (Sun, Oct 22nd)
My tool base64dump.py takes any input and searches for encoded data. By default, it searches for base64 encoding, but I implemented several encodings (like vaious hexadecimal formats):
-
Jamie McClelland ☛ Jamie McClelland: Users without passwords
About fifteen years ago, while debugging a database probem, I was horrified to discover that we had two root users - one with the password I had been using and one without a password. Nooo!
So, I wrote a simple maintenance script that searched for and deleted any user in our database without a password. I even made it part of our puppet recipe - since the database server was in use by users and I didn’t want anyone using SQL statements to change their password to an empty value.
Then I forgot about it.
Recently, I upgraded our MariaDB databases to Debian bullseye, which inserted the
mariadb.sysuser which…. doesn’t have a password set. It seems to be locked down in other ways, but my dumb script didn’t know about that and happily deleted the user. -
Hong Kong Free Press ☛ Hongkong Post latest local entity to suffer a data security breach – over 7,000 customer emails leaked
Hongkong Post has become the latest local entity to suffer a data security breach, with 7,249 registered email addresses exposed.