ray, Author at Easy Cloud

November 16, 2021November 16, 2021

Ransomware Attack Hits Universal Health Services

Computer systems at Universal Health Services Inc., one of the nation’s largest hospital chains, were taken offline after a malicious software attack crippled the company’s computers and led it to cancel some surgeries and divert some ambulances.

The company took down …

August 30, 2019August 30, 2019

Flaws in widely used corporate VPNs put company secrets at risk

Researchers have found several security flaws in popular corporate VPNs which they say can be used to silently break into company networks and steal business secrets.

Devcore researchers Orange Tsai and Meh Chang, who shared their findings with TechCrunch ahead …

August 24, 2019August 24, 2019

A new Facebook privacy flaw allowed thousands of children on Messenger Kids to enter group chats with strangers

Facebook’s Messenger Kids is supposed to provide parents complete control over who their children chat can with on the app. But as The Verge reported on Monday, that key promise appears to have been broken, thanks to a design flaw …

August 23, 2019August 23, 2019

Why the Federal Government Sucks at Cyber Security

A new report out today from the software security firm Veracode found that civilian federal agencies — those largely unconnected to the military or intelligence communities — rank dead last in fixing security problems in the software they build and …

August 3, 2019August 3, 2019

IBM didn’t inform people when it used their Flickr photos for facial recognition training

IBM took nearly a million photos from Flickr, used them to figure out how to train facial recognition programs, and shared them with outside researchers. But as NBC points out, the people photographed on Flickr didn’t consent to …

April 18, 2019April 18, 2019

Understanding Baselines and Impact Levels in FedRAMP

The FedRAMP PMO fields a number of questions about impact levels and the security categorization of cloud services. Federal Information Processing Standard (FIPS) 199 provides the standards for categorizing information and information systems, which is the process CSPs use to …

April 18, 2019April 18, 2019

US Ballistic Missile Systems Have No Antivirus, No Data Encryption, and No 2FA, DOD Report Finds

An anonymous reader writes from a report via ZDNet:

No data encryption, no antivirus programs, no multi-factor authentication mechanisms, and 28-year-old unpatched vulnerabilities are just some of the cyber-security failings described in a security audit of the U.S.’ ballistic missile …

April 16, 2019April 16, 2019

New Report: Unknown Data Scraper Breach

We have previously published reports on several data breaches that exposed personal data. One of the cases featured a MongoDB database that contained a large amount of scraped LinkedIn data, first identified as open to public access on October 5th.…

April 16, 2019April 16, 2019

Big tech has your kid’s data — and you probably gave it to them

Many parents today enjoy posting about their family on social media. But along with those adorable photos, they are sharing crucial data about their children that big tech companies are harvesting.

A recent study focusing on the “datafication” of children …

February 1, 2019February 1, 2019

Palo Alto Networks inks $173M deal to acquire cloud security startup RedLock

Palo Alto Networks Inc. today announced that it has agreed to buy RedLock Inc., a competitor focused on securing cloud environments, in an all-cash deal worth $173 million.

The purchase is the latest in a series of nine-figure acquisitions that …