Tux Machines
Posted by Roy Schestowitz on Mar 28, 2023
=> GNU/Linux on the Desktop/Laptop | Debian 12 Bookworm: Best New Features
=> ↺ 2023-03-21CISA Releases Eight Industrial Control Systems Advisories
=> ↺ 2023-03-22Windows 11 security flaw exposes cropped-out screenshot data
=> ↺ 2023-03-21Romania detains 3 Dutch people for phishing scams; Fourth held in Enschede
=> ↺ Security updates for Monday [LWN.net]
Security updates have been issued by Debian (libreoffice and xen), Fedora (chromium, curl, and xen), Red Hat (kernel, kernel-rt, kpatch-patch, and thunderbird), Scientific Linux (thunderbird), Slackware (tar), SUSE (apache2, ceph, curl, dpdk, helm, libgit2, and php7), and Ubuntu (firefox and thunderbird).
Millions of Australian and New Zealand customers have had their records stolen in the attack on Latitude Financial announced a fortnight ago.
The data includes up to 7.9 million drivers licence numbers and 53,000 passport numbers.
The attack is the largest-known data breach on a financial institution in Australia.
Here's what we know about the Latitude hack so far.
=> ↺ Crown Resorts says ransomware group claims accessing some of its files
Crown Resorts said on Monday a ransomware group had contacted the company, claiming that they had gained access to some files related to Australia's biggest casino operator following a data breach at a file transfer service GoAnywhere.
"We were recently contacted by a ransomware group who claimed they have illegally obtained a limited number of Crown files," a spokesperson of the formerly listed firm said in a statement.
=> ↺ The criminal use of ChatGPT – a cautionary tale about large language models
In response to the growing public attention given to ChatGPT, the Europol Innovation Lab organised a number of workshops with subject matter experts from across Europol to explore how criminals can abuse large language models (LLMs) such as ChatGPT, as well as how it may assist investigators in their daily work.
=> ↺ Twitter takes legal action after source code leaked online
=> ↺ Updating: Cyberattack against CHRU Brest: what happened
In a March 11 post about non-U.S. hospitals that had been victims of cyberattacks, DataBreaches had noted a report about CHU-BREST. Valéry Rieß-Marchive of LeMagIT has an update and more details on the incident.
=> ↺ No need to hack when 682,000 medical records are leaking, Monday edition
On March 15, DataBreaches was contacted by a researcher who had found a “bunch of medical docs.” The files included patient intake evaluations, laboratory results, medical records requests, insurance information forms, treatment or consultation notes, and other files you would expect to see in a patient’s records. The patients all appeared to be in Texas, and there were almost 683,000 files.
When the researcher couldn’t determine who owned the data, they requested DataBreaches’ help. The researcher’s confusion was understandable. There appeared to be scanned documents from numerous doctors and medical groups, although certain names cropped up more than others. Most of the files were scanned pdf files and many were more than a decade old. The most recent files appeared to be dated in 2018 or so.
=> ↺ NYS Secures $200,000 from Law Firm for Failing to Protect New Yorkers’ Personal Data
According to the filing, the law firm’s server was vulnerable to attack in November 2021 because they had not patched a vulnerability reported by Microsoft months earlier in April and May. A patch had been made available by Microsoft at around the the time as the vulnerability report.
=> gemini.tuxmachines.org This content has been proxied by September (ba2dc).Proxy Information
text/gemini;lang=en-GB