-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on May 16, 2023
> Security updates have been issued by Debian (golang-websocket, kernel, postgresql-11, and thunderbird), Fedora (firefox, kernel, libreswan, libssh, tcpreplay, and thunderbird), SUSE (dcmtk, gradle, libraw, postgresql12, postgresql13, postgresql14, and postgresql15), and Ubuntu (firefox, nova, and thunderbird).
> The confidentiality of NHS medical records has been thrown into doubt after a “stalker” hospital doctor accessed and shared highly sensitive information about a woman who had started dating her ex-boyfriend, despite not being involved in her care.
> The victim was left in “fear, shock and horror” when she learned that the doctor had used her hospital’s medical records system to look at the woman’s GP records and read – and share – intimate details, known only to a few people, about her and her children.
> “I felt violated when I learned that this woman, who I didn’t know, had managed to access on a number of occasions details of my life that I had shared with my GP and only my family and very closest friends. It was about something sensitive involving myself and my children, about a family tragedy,” the woman said.
> North Korean hackers have stolen $721 million from Japan since 2017, accounting for 30% of the crypto thefts worldwide. According to a study by a U.K.-based compliance specialist, North Korea employs hacking and ransomware to steal crypto assets, especially in Japan, Vietnam and Hong Kong, the leading Asian crypto hubs.
> The Philadelphia Inquirer experienced the most significant disruption to its operations in 27 years due to what the newspaper calls a cyberattack.
> The company was working to restore print operations after a cyber incursion that prevented the printing of the newspaper’s Sunday print edition, the Inquirer reported on its website.
> CrowStrike discovered a new ransomware-as-a-service (RaaS) group — MichaelKors (formerly Qilin) — targeting VMWare ESXi servers since last month.
> The VMWare ESXi is a hypervisor that runs and manages virtual machines (VMs) directly on a dedicated host’s hardware. The products associated with the ESXi platform include VMware vSphere Hypervisor, vCenter, ONE Access or Identity Manager and Horizon.
> Ransomware actors aim to spend the shortest amount of time possible inside your systems, and that means the encryption they employ is shoddy and often corrupts your data. That in turn means restoration after paying ransoms is often a more expensive chore than just deciding not to pay and working from our own backups.
> In April 2023, the class action lawsuit against Illuminate Education was thrown out because the judge in the case determined that the people whose data was impacted by the breach could not show any harm, or any instances of identity theft, from the breach. This decision is both fully in line with past situations where companies have been let off the hook, and completely misrepresents and underestimates the various, different ways people get hurt by data breaches.
> To put it in a different way: the judge’s decision shows how, in some cases, things that are defined as legal don’t come close to what is right. The way we define harm is harmful.
> Some background on the Illuminate data breach, and what can only be described as an epically inept response stretching across months. The impacts of this breach were first observed in New York City public schools in early January.
> Months after agreeing to pay $38.5 million to settle federal charges it violated the False Claims Act by improperly originating and underwriting mortgages insured by the Federal Housing Administration, Utah-headquartered Academy Mortgage now finds itself in the also-unenviable position of having its sensitive files dumped on the dark web by the AlphV (BlackCat) ransomware group.
-- Response ended
-- Page fetched on Thu Jun 13 14:56:46 2024