Commentaries and Analyses

NordVPN, TorGuard and VikingVPN disclose security breaches

João Silva writes: NordVPN, one of the most well-known VPN provider, had confirmed a security breach in early 2018. At fault, there’s the data centre provider from Finland, where the server was hosted. The data centre provider used an insecure remote management system that NordVPN was “unaware” of.  Although NordVPN seems to be playing down the...

UK: Ex-Met detective loses court battle over payout for data breach

Diane Taylor reports: A former Metropolitan police detective who successfully sued the force for wrongly using its powers to investigate her has lost her eight-year court battle to hold the police to account. Andrea Brown said after a new ruling against her she might become homeless paying the police’s costs. “It can’t be right that the...

Hackers Breach Avast Antivirus Network Through Insecure VPN Profile

Ionut Ilascu reports: Hackers accessed the internal network of Czech cybersecurity company Avast, likely aiming for a supply chain attack targeting CCleaner. Detected on September 25, intrusion attempts started since May 14. Following an investigation, the antivirus maker determined that the attacker was able to gain access using compromised credentials via a temporary VPN...

Russian cyberattack unit ‘masqueraded’ as Iranian hackers, UK says

Helen Warrell in London and Henry Foy report: A Russian cyber espionage unit has hacked Iranian hackers to lead attacks in more than 35 countries, a joint UK and US investigation has revealed. The so-called Turla group, which has been linked with Russian intelligence, allegedly hijacked the tools of Oilrig, a group widely linked to...

Everything’s broken, Monday edition (medical data leaks)

It seems that every week I hear from researchers who find patient data or medical data exposed.  And I know some of them spend inordinate amounts of time trying to contact entities to get them to secure their unsecured sensitive data. Some of these researchers do this for no pay and no expectation or...