Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
1.9 Billion Data Records Exposed in First Half of 2017
Oldest First  |  Newest First  |  Threaded View
cybersavior
100%
0%
cybersavior,
User Rank: Strategist
9/20/2017 | 2:30:20 PM
A post-privacy world
It's time to think about how we live and participate in the global financial system with the knowledge that data elements you dutifully protected are now out of control and released.  Your personal data and details are out there.  It's the end of privacy as we know it.  The breaches that this article describes are merely the ones that we know about.  Many/most other companies are or have been owned.  Identification and auhorization need to make a quantum leap in positivity.  Do we submit to chip implantation or choose to live off the financial grid? 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
9/20/2017 | 3:00:44 PM
Re: A post-privacy world
The data is certainly discouraging,  especially knowing this doesn't include Equifax nor unreported breaches in Europe, pre-GDPR. The common theme among most of these breaches is a failure in basic security hygeine. 
MetLife-dams
50%
50%
MetLife-dams,
User Rank: Apprentice
9/21/2017 | 8:27:58 AM
Re: A post-privacy world
You're totally right, the privacy is already gone. These kind of situation will increase more and more with the time.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
9/21/2017 | 9:13:31 AM
Re: A post-privacy world
Rule of Life - your data is ALREADY exposed.  From there, you can proceed to at least control of the type of data your have the world SEE.  I am against SS numbers as identifiers and shut down that practice is a good thing.  Keep any financially significant data OFFLINE as much as you canl.  (I mean on secondary hard drives turned OFF and not spinning.)  Passwords - complex, change frequently.  Monitor documents.  But assume you are already exposed and work from there.
mjohnson681
50%
50%
mjohnson681,
User Rank: Apprentice
9/24/2017 | 3:16:32 PM
Make Data Records Worthless for Bad Guys
Instead of trying to continue to unsuccessfully protect data, why not implement sufficient controls to make the data worthless for the bad guys?  See post on LinkedIn.

https://www.linkedin.com/pulse/give-up-cybersecurity-programs-matthew-r-johnson-cpa-cisa


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25316
PUBLISHED: 2021-04-14
A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versions prior to 2.1.0-18.29.1. SUSE Linux Enterp...
CVE-2021-28797
PUBLISHED: 2021-04-14
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (an...
CVE-2020-36323
PUBLISHED: 2021-04-14
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
CVE-2021-31162
PUBLISHED: 2021-04-14
In the standard library in Rust before 1.53.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
CVE-2017-20004
PUBLISHED: 2021-04-14
In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions.