Tux Machines
Posted by Roy Schestowitz on May 28, 2023
=> Programming Leftovers | Celebrating 20 Years of WordPress (UPDATED)
Defense attorneys for the two Maryland doctors accused of providing the private medical records of patients to help the Russian government rested their cases on Friday afternoon.
=> ↺ Infostealers: a threat that is still largely (too) stealthy
In September, Britton White and PogoWasRight.org teamed up to produce an explainer and caution about infostealers that was oriented to the public. Our article, Redline: Storing Passwords in your Browser Can Ruin Your Life (But Will Make Criminals VERY Happy!) included cautions about employees who work from home and who might have their login credentials to their work environment compromised by infostealers. We also asked lawyers what employers could do about the risks posed.
=> ↺ Infostealers: a threat that is still largely (too) stealthy
What is the secret to the insolent success of credential-stealing malware, the infostealers ? Their ability to pass through the nets of workstation protection systems (PPE), or even threat detection and response systems (EDR) – or almost! Unless it's greed. Investigation.
The Redline infostealer generates, for each compromised machine, a file named UserInformation.txt . In it, under the line “Antiviruses:” is the list of EPPs, EDRs, even firewalls, installed on the PC and whose identification data will have been looted.
=> ↺ Is Google Chrome Listening to You?
There have been allegations that the popular web browser, Google Chrome, can potentially listen to both your media and you, leading some to develop conspiracy theories to attract more supporters. It's crucial to examine what Google Chrome is doing in the background and determine if it is monitoring your activities.
Since this issue has implications for everyone's safety and privacy, it's important to take a closer look.
What are the odds that a data breach will be revealed on the Friday afternoon of a three-day holiday weekend?
Well, as anyone who has reported on breaches for a while knows, the odds are high. Today, DataBreaches reports two breaches that were disclosed on Friday. Whether the hope was that fewer people would notice them because they took off for the holiday or because there were more honorable intentions in disclosing on a Friday of a holiday weekend is unknown to DataBreaches. DataBreaches may find other Friday disclosures, but for now, we start with these:
[...]
Onix Group LLC in Pennsylvania also issued a press release yesterday. Their notice was provided on their own behalf and on behalf of Addiction Recovery Systems, Cadia Healthcare, Physician’s Mobile X-Ray, and Onix Hospitality Group.
Onix reports they were the victim of a ransomware attack on March 27 and the attacker had accessed their network, corrupted some systems, and exfiltrated some files between March 20 and March 27.
=> ↺ NHS data breach: trusts shared patient details with Facebook without consent
NHS trusts are sharing intimate details about patients’ medical conditions, appointments and treatments with Facebook without consent and despite promising never to do so.
An Observer investigation has uncovered a covert tracking tool in the websites of 20 NHS trusts which has for years collected browsing information and shared it with the tech giant in a major breach of privacy.
The data includes granular details of pages viewed, buttons clicked and keywords searched. It is matched to the user’s IP address – an identifier linked to an individual or household – and in many cases details of their Facebook account.
=> ↺ NHS data breach: trusts shared patient details with Facebook without consent
It seems that the Meta pixel issue that made headlines in the U.S. last June may first be hitting the NHS in the UK. Shanti Das reports: [...]
=> gemini.tuxmachines.org This content has been proxied by September (ba2dc).Proxy Information
text/gemini;lang=en-GB