
12/11/2017
09:00 AM

Post-Breach Carnage: Worst Ways The Axe Fell in 2017

Executive firings, stock drops, and class-action settlements galore: this year was a study in real-world repercussions for cybersecurity lapses.
2 of 10

Don't Let the Door Hit Uber's CSO on the Way Out

Uber's massive data breach of 57 million accounts and its $100,000 effort to hire hackers came under the watch of already embattled former CEO Travis Kalanick, so this was a case where there was no chief executive to can as a result of poor security and unethical handling of subsequent problems. But you'd better believe somebody was getting shown the door, so it was hardly surprising when the company announced CSO Joe Sullivan and his deputy Craig Clark were given their pink slips for their role in this developing debacle.

(Image by Gang, via Adobe Stock)
