<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 8/19/2021

SHARE

Breaches

Data breach from contact tracing survey 'low risk' to Hoosier privacy, 750,000 affected

The Indiana Department of Health announced Tuesday it is notifying nearly 750,000 Hoosiers that data from the state's COVID-19 online contact tracing survey was improperly accessed back in July. The data included name, address, email, gender, ethnicity and race, and date of birth. "We believe the risk to Hoosiers whose information was accessed is low," said State Health Commissioner Kris Box, M.D., FACOG. "We will provide appropriate protections for anyone impacted." READ MORE...


US Census Bureau Slammed for 2020 Breach

The US Census Bureau has been heavily criticized by a government inspector after a 2020 breach which could have been prevented by prompt patching. Although the attacker was not able to access servers used for the 2020 census, they could modify user account data to prepare for remote code execution, according to the US Office of Inspector General (OIG) report. Fortunately, the attacker's attempt to maintain access to the system by creating a backdoor was unsuccessful, thanks to the Bureau's firewalls. READ MORE...

Hacking

Liquid cryptocurrency exchange loses $94 million following hack

Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers have compromised its warm wallets. Liquid is one of the largest cryptocurrency-fiat exchange platforms worldwide (based on daily traded spot volume). The exchange has more than 800,000 customers from over 100 countries and says that it reached a $1.1B+ daily trade volume this year. READ MORE...

Information Security

Ohio man pleads guilty to role in $300-million cryptocurrency laundering service

A 38-year-old Ohio man has pleaded guilty to his role in a cryptocurrency laundering service that moved some $300 million on behalf of dark web marketplaces and other clients, the Justice Department said Wednesday. Larry Dean Harmon admitted to running Helix, a popular service for concealing the source of bitcoin transactions, from 2014 to 2017. Helix allegedly worked with AlphaBay, a notorious $1 billion marketplace for hacking tools and drugs that security researchers recently warned could be coming back online. READ MORE...


How to spot a DocuSign phish and what to do about it

Phishing scammers love well known brand names, because people trust them, and their email designs are easy to rip off. And the brands phishers like most are the ones you're expecting to hear from, or wouldn't be surprised to hear from, like Amazon or DHL. Now you can add DocuSign to that list. DocuSign is a service that allows people to sign documents in the Cloud. Signing documents electronically saves a lot of paper and time. READ MORE...

Exploits/Vulnerabilities

BlackBerry faces bad PR by failing to go public with BadAlloc vulnerability

Anyone who has ever traveled knows that bedbugs are the kiss of death for a hotel, and possibly the franchise, as no one likes to get bit. BlackBerry is hoping the analogy doesn't transfer to the bugs found in its QNX embedded operating system. The company opted to quietly handle the vulnerability with its partners, apparently hoping the public wouldn't get a whiff of the bad news. READ MORE...

On This Date

  • ...in 1871, engineer and aviation pioneer Orville Wright, co-inventor of the first successful motorized airplane, is born in Dayton, OH.
  • ...in 1906, early TV pioneer Philo Farnsworth, inventor of the first electronic television system, is born in Beaver, UT.
  • ...in 1960, Chubby Checker performs "The Twist" on Dick Clark's weekly variety show, inspiring a worldwide dance craze.
  • ...in 2004, Google Inc. holds its initial public offering of stock on NASDAQ at $85 per share.