Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Lawsuits Pile Up on Uber
Newest First  |  Oldest First  |  Threaded View
szurier210
50%
50%
szurier210,
User Rank: Moderator
12/1/2017 | 10:01:32 AM
Re: Multiple states
It's not clear to me the Attorney Generals trade association has enough critical mass on this issue yet to move forward in any meaningful way. Only a handful of states have made noise. Check out their landing page on data breach notification, it is very old information. No, I think for now you will see the lawsuits pile up and you won't see much movement at the federal level. Sigh. 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
11/30/2017 | 8:39:47 PM
Multiple states
One thing to bear in mind while watching these lawsuits. Because they are being brought by multiple state governments, you can be sure that the respective consumer-protection departments/bureaus of each state AG's office are collaborating with each other via the National Association of Attorneys General -- right down to sharing discovery documents.

At first I was kind of surprised they didn't go the multistate class-action route, but it occurs to me that the impact is much more easily parsed out because X number of user accounts were definitively breached.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3591
PUBLISHED: 2021-08-05
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2021-3642
PUBLISHED: 2021-08-05
A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality. This flaw affectes Wildfly Elytron versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final.
CVE-2021-3655
PUBLISHED: 2021-08-05
A vulnerability was found in the Linux kernel in versions before v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
CVE-2021-32003
PUBLISHED: 2021-08-05
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware.
CVE-2021-34633
PUBLISHED: 2021-08-05
The Youtube Feeder WordPress plugin is vulnerable to Cross-Site Request Forgery via the printAdminPage function found in the ~/youtube-feeder.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0.1.