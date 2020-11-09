Security Leftovers
US Cybersecurity Director Expecting To Be Fired After Refusing To Edit Page Debunking Election Hacking Myths
One of the few parts of the federal government that hasn't dissolved into a complete partisan trash heap was the newly created Cybersecurity and Infrastructure Security Agency (CISA), a division of Homeland Security that was created as part of the problematic CISA bill five years ago. While we were disappointed in many aspects of the bill itself, as an organization CISA has done some pretty good work in coordinating and dealing with cybersecurity threats. Throughout the tech industry I've heard nothing but good things about CISA as a government organization, and its director Chris Krebs (as well as the staff of CISA). Indeed, I've heard from many companies preparing for this year's election how useful CISA has been in providing clear and useful information regarding potential cybersecurity threats.
That first CVE was a fun find, for sure.
In the late 90s, hackers who discovered vulnerabilities would sometimes send an email to Bugtraq with details. Bugtraq was a notification system used by people with an interest in network security. It was also a place that might have been monitored by employees of software companies looking for reports of vulnerabilities pertaining to their software. The problem was - there wasn't an easy way to track specific vulnerabilities in specific products.
It was May 1999. Larry Cashdollar was working as a system administrator for Bath Iron Works under contract by Computer Sciences Corporation. Specifically, he was a UNIX Systems Administrator, level one. His team managed over 3,000 UNIX systems across BIW's campuses. Most of these were CAD systems used for designing AEGIS class destroyers. This position gave me access to over 3,000 various flavors of UNIX ranging from Sun Solaris to IBM AIX.
Software vendor says data breach exposed nearly 28 million Texas driver's license records [iophk: Windows TCO]
The company, Vertafore, said in a statement posted on a website set up to address the breach that the data was exposed between March and August and affected licenses issued before February 2019.
Exposed data included driver’s license numbers, addresses, dates of birth and vehicle registration history, according to the company. The group said that no Social Security numbers or financial account information were compromised.
The breach happened after three files were accessed by an unauthorized user after the files were “inadvertently stored in an unsecured external storage service,” Vertafore said in its statement.
[Old] Vertafore to be Acquired by Roper Technologies
Vertafore, the leader in modern insurance technology, today announced that it will be acquired by Roper Technologies, Inc. (NYSE: ROP), a leading diversified technology company. Roper will acquire Vertafore from Bain Capital Private Equity and Vista Equity Partners with the acquisition expected to close in the third quarter, subject to regulatory approval and customary closing conditions.
[Old] Vertafore and Microsoft Partner for Insurance Solutions
Vertafore, a provider of insurance technology, today launched Vertafore Agency SalesTrack, a customer relationship management (CRM) system built on Microsoft Dynamics CRM.
