
US Fertility Says Patient Data Was Stolen in a Ransomware Attack

Author: msmash
November 27, 2020 01:06
U.S. Fertility, one of the largest networks of fertility clinics in the United States, has confirmed it was hit by a ransomware attack and that data was taken. From a report: The company was formed in May as a partnership between Shady Grove Fertility, a fertility clinic with dozens of locations across the U.S. east coast, and Amulet Capital Partners, a private equity firm that invests largely in the healthcare space. As a joint venture, U.S. Fertility now claims 55 locations across the U.S., including California. In a statement, U.S. Fertility said that the hackers "acquired a limited number of files" during the month that they were in its systems, until the ransomware was triggered on September 14. That's a common technique of data-stealing ransomware, which steals data before encrypting the victim's network for ransom. Some ransomware groups publish the stolen files on their websites if their ransom demand isn't paid. U.S. Fertility said some personal information, like names and addresses, was taken in the attack. Some patients also had their Social Security numbers taken. But the company warned that the attack may have involved protected health information.

Read more of this story at Slashdot.

Sophos Notifies Customers of Data Exposure After Database Misconfiguration

Author: msmash
November 27, 2020 00:07
UK-based cyber-security vendor Sophos is currently notifying customers via email about a security breach the company suffered earlier this week. From a report: "On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support," the company said in an email sent to customers and obtained by ZDNet. Exposed information included details such as customer first and last names, email addresses, and phone numbers (if provided).


hCaptcha Runs On 15% Of the Internet

Author: BeauHD
November 26, 2020 19:00
In a blog post, hCaptcha announced that its bot detector is running on about 15% of the internet, adding that they "took most of this market share directly from Google reCAPTCHA." From the post: Competing with Google and other Big Tech companies seems like a tall order: their monopolistic market power, platform effects and army of highly paid developers are generally considered too powerful to tackle for anyone but other tech giants such as Facebook or Amazon. Our story shows that it doesn't have to be that way -- you can beat Big Tech by focusing on privacy. Consider Google reCAPTCHA, which consumes enormous amounts of behavioral data to determine whether web users are legitimate humans or bots. At hCaptcha, we have deliberately taken a very different approach, using privacy-preserving machine learning techniques to identify typical bot behaviors at high accuracy, all while consuming and storing as little data as possible. Google is an ad company, and their security products look very much like their ad products: they track user behavior on every page of a website and across the web. We designed hCaptcha to be as privacy-friendly as possible from day one. This led to a completely different approach to the problem. As it turns out, tracking users across the web and tying their web history to their identity is completely unnecessary for achieving good security. The many companies that have switched over to hCaptcha often report equal or better performance in bot detection and mitigation despite our privacy focus. A growing number of critics have pointed out that Google's disregard for user privacy should concern customers looking to protect their websites and apps. At the same time, stopping bots from accessing publisher sites can reveal ad fraud, pitting Google's reCAPTCHA product directly against their ad business, which produces over 80% of their revenue. Every bot Google detects should be earning zero ad dollars. Google's company incentives are thus poorly aligned with the users of their security services, and this may be one explanation for the poor performance of their reCAPTCHA security offering.


2FA Bypass Discovered In Web Hosting Software cPanel

Author: BeauHD
November 26, 2020 07:28
An anonymous reader quotes a report from ZDNet: Security researchers have discovered a major security flaw in cPanel, a popular software suite used by web hosting companies to manage websites for their customers. The bug, discovered by security researchers from Digital Defense, allows attackers to bypass two-factor authentication (2FA) for cPanel accounts. These accounts are used by website owners to access and manage their websites and underlying server settings. Access to these accounts is critical, as once compromised, they grant threat actors full control over a victim's site. On its website, cPanel boasts that its software is currently used by hundreds of web hosting companies to manage more than 70 million domains across the world. But in a press release today, Digital Defense says that the 2FA implementation on older cPanel & WebHost Manager (WHM) software was vulnerable to brute-force attacks that allowed threat actors to guess URL parameters and bypass 2FA -- if 2FA was enabled for an account. While brute-force attacks, in general, usually take hours or days to execute, in this particular case, the attack required only a few minutes, Digital Defense said today. Exploiting this bug also requires that attackers have valid credentials for a targeted account, but these can be obtained by phishing the website owner. The good news is that Digital Defense has privately reported the bug, tracked as SEC-575, to the cPanel team, which released patches last week.

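The flaw described above comes down to a second-factor check that could be guessed without limit. The Python below is an added illustration, not cPanel's or Digital Defense's code, of why an unthrottled 6-digit one-time code falls to enumeration in a bounded number of requests and how a per-account failure counter with lockout closes that path. The secret, account name, request rate and lockout parameters are assumptions made for the example; no real cPanel endpoint or URL parameter is modelled, and the clock is frozen inside the simulation so the result is deterministic (a rotating code does not change the expected number of guesses, since each guess still has a 1 in 10^6 chance).

```python
import hashlib
import hmac
import struct
from functools import lru_cache

DIGITS = 6   # typical one-time code length
STEP = 30    # TOTP time step in seconds


@lru_cache(maxsize=None)
def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: dynamically truncated HMAC-SHA1 of an 8-byte counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, now: float, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP: HOTP over the current time step."""
    return hotp(secret, int(now // step), digits)


class SecondFactorVerifier:
    """Hypothetical server-side second-factor check.

    With max_failures=None every guess is accepted for comparison, which is
    the weak configuration. With a limit, an account is locked for
    lockout_seconds once it accumulates that many consecutive failures.
    """

    def __init__(self, secret: bytes, max_failures=None, lockout_seconds: int = 900):
        self.secret = secret
        self.max_failures = max_failures
        self.lockout_seconds = lockout_seconds
        self._failures = {}      # account -> consecutive failed attempts
        self._locked_until = {}  # account -> unix time the lock expires

    def verify(self, account: str, code: str, now: float) -> str:
        """Return "ok", "bad" or "locked" for one submitted code."""
        if self._locked_until.get(account, 0) > now:
            return "locked"
        # Constant-time compare so timing does not leak matching prefixes.
        if hmac.compare_digest(code, totp(self.secret, now)):
            self._failures.pop(account, None)
            return "ok"
        if self.max_failures is not None:
            n = self._failures.get(account, 0) + 1
            self._failures[account] = n
            if n >= self.max_failures:
                self._locked_until[account] = now + self.lockout_seconds
                self._failures.pop(account, None)
        return "bad"


def brute_force(verifier: SecondFactorVerifier, account: str, now: float,
                digits: int = DIGITS):
    """Attacker holding valid credentials enumerates every code in order.

    The clock is frozen at `now` for determinism. Returns (status, requests)
    where status is "ok" (bypassed), "locked" (stopped by lockout) or
    "exhausted" (whole space tried without success).
    """
    attempts = 0
    for guess in range(10 ** digits):
        attempts += 1
        status = verifier.verify(account, str(guess).zfill(digits), now)
        if status != "bad":
            return status, attempts
    return "exhausted", attempts


def expected_attack_seconds(requests_per_second: float, digits: int = DIGITS) -> float:
    """Mean time to hit a uniformly random code: half the space at the given rate."""
    return (10 ** digits / 2) / requests_per_second


if __name__ == "__main__":
    secret = b"example-secret-for-illustration"  # assumed, not a real key
    now = 1_600_000_000.0
    print("unthrottled:", brute_force(SecondFactorVerifier(secret), "owner", now))
    print("lockout after 5:", brute_force(SecondFactorVerifier(secret, max_failures=5), "owner", now))
    print("expected seconds at 5000 req/s:", expected_attack_seconds(5000))
```

The unthrottled verifier is always bypassed within 10^6 requests, and at a few thousand requests per second that is minutes, which matches the order of magnitude the report describes. The counter-based lockout stops the same attacker after a handful of requests; in production the failure count should be keyed on the account (not the client IP, which the attacker controls) and paired with alerting, since repeated lockouts on one account are themselves a signal that credentials have been phished.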
