Author Archives: Joe Uchill

Apple nixes feature that let its apps skip VPNs and firewalls, after criticism from researchers

The software essentially exempted Apple’s own programs from being routed through its Network Extension Framework, which the company created for third-party security products to monitor and filter network traffic.

The post Apple nixes feature that let its apps skip VPNs and firewalls, after criticism from researchers appeared first on SC Media.

Continue reading

Posted in Firewall, Network Security, Security News, Software and solutions | Comments Off on Apple nixes feature that let its apps skip VPNs and firewalls, after criticism from researchers

Perils of coding errors play out in Parler slip up

Applied to internet applications in general, the IDOR problems that led to the Parler exposure could extend to anything stored sequentially and not secured individually — receipts, posts, and in many instances entire accounts.

The post Perils of coding errors play out in Parler slip up appeared first on SC Media.

Continue reading

Posted in Application Security, Featured, Privacy, Security News, Social Media | Comments Off on Perils of coding errors play out in Parler slip up

Feds will weigh whether cyber best practices were followed when assessing HIPAA fines

Organizations that can show they did their due diligence in protecting medical information will be better off, should a breach occur.

The post Feds will weigh whether cyber best practices were followed when assessing HIPAA fines appeared first on SC Media.

Continue reading

Posted in Breach, Compliance, Health Care, Healthcare, Security News | Comments Off on Feds will weigh whether cyber best practices were followed when assessing HIPAA fines

The 2020 SolarWinds reality check: As cleanup continues, community considers implications

What might go down as the most consequential story of the year for the cybersecurity community only surfaced in December. And yet, experts predict years of clean up, both physical and political, and potential shifts in how the nation secures the supply chain.

The post The 2020 SolarWinds reality check: As cleanup continues, community considers implications appeared first on SC Media.

Continue reading

Posted in Breach, Data Breach, Featured, Security News, Third-party risk, Year in Review | Comments Off on The 2020 SolarWinds reality check: As cleanup continues, community considers implications

Ticketmaster fined $10 million in corporate espionage scheme

Ticketmaster tried to steal both a client and design ideas from a competitor by logging into the back-end system with a former employer’s login credentials.

The post Ticketmaster fined $10 million in corporate espionage scheme appeared first on SC Media.

Continue reading

Posted in Breach, Corporate News, Data Breach, Legal, Legal Action, Security News | Comments Off on Ticketmaster fined $10 million in corporate espionage scheme

A new year, a new administration: Doors open in 2021 for public-private cooperation

While much is speculative, a few aspects of how the government’s information security interactions with the private sector have begun to crystalize.

The post A new year, a new administration: Doors open in 2021 for public-private cooperation appeared first on SC Media.

Continue reading

Posted in Featured, Government, Government/Defense, Security News, Threat intelligence, Year in Review | Comments Off on A new year, a new administration: Doors open in 2021 for public-private cooperation

Treasury asks financial sector to watch out for COVID vaccine scams, ransomware

The Financial Crime Enforcement Network detailed for banks or other financial services organizations potential issues, asking the sector to be particularly attuned to ransomware attacks on distribution networks and the supply chains for the manufacture of vaccines.

The post Treasury asks financial sector to watch out for COVID vaccine scams, ransomware appeared first on SC Media.

Continue reading

Posted in Cybercrime, Government/Defense, Phishing, Ransomware, Security News | Comments Off on Treasury asks financial sector to watch out for COVID vaccine scams, ransomware

Data questions remain as UK exits EU

For U.S. firms, whose home nation already has different privacy laws state by state, a new U.K. regime might be one more for the pile.

The post Data questions remain as UK exits EU appeared first on SC Media.

Continue reading

Posted in Privacy, Privacy &Compliance News and Analysis, Security News | Comments Off on Data questions remain as UK exits EU