Language Selection

English French German Italian Portuguese Spanish

Security FUD

Filed under
Security
  • New Python-based Ransomware Encrypts Virtual Machines Quickly [Ed: This make it sound like a Python issue, but it is a proprietary software issue completely irrelevant to the programming language]

    VMware ESXi datastores rarely have endpoint protection, the researchers noted, and they host virtual machines (VMs) that likely run critical services for the business, making them a very attractive target for hackers. In the threat landscape, it’s like winning the jackpot.

  • Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

    On Wednesday, the St. Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state education website that exposed the Social Security numbers of 100,000 elementary and secondary teachers. In a press conference this morning, Missouri Gov. Mike Parson (R) said fixing the flaw could cost the state $50 million, and vowed his administration would seek to prosecute and investigate the “hackers” and anyone who aided the publication in its “attempt to embarrass the state and sell headlines for their news outlet.”

  • Missouri governor threatens criminal prosecution of reporter who found security flaw in state site

    Hancock reports, "The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials. The Department removed the affected pages from its website Tuesday after being notified of the problem by the Post-Dispatch. Based on state pay records and other data, more than 100,000 Social Security numbers were vulnerable. The newspaper delayed publishing this report to give the Department time to take steps to protect teachers' private information, and to allow the state to ensure no other agencies' web applications contained similar vulnerabilities."

  • Missouri goes after man who looked at source code on state site

    A newspaper in St Louis, Missouri, which discovered that the social security numbers of school teachers, administrators and counsellors across the state were publicly exposed and informed the authorities, has been threatened with unspecified action by the state's governor.

  • Missouri Governor Is Extremely Confused About What Constitutes ‘Hacking’

    Reporter Josh Renaud was browsing a Department of Elementary and Secondary Education web application that lets users search for teachers’ certifications and credentials when he looked at the site’s HTML source code (something that usually requires zero hacking skills, only the use of a right-click). In the source code, he found sensitive data belonging to the state’s teachers, including Social Security numbers and other private information.

  • No it isn’t: Missouri governor says viewing HTML source code containing private data the state published on every page, is a crime

    Republican Gov. Mike Parson on Thursday condemned one of Missouri’s largest newspapers for exposing a flaw in a state database that allowed public access to thousands of teachers’ Social Security numbers, even though the paper held off from reporting about the flaw until after the state could fix it.

  • Gov. Parson threatens legal action against reporter who exposed flaw on state education department’s website

    The reporter found hundreds of thousands of Missouri educators' social security numbers were accessible to the public in the HTML code for the Missouri Department of Elementary and Secondary Education's website.

    Parson said the Cole County prosecutor and the Missouri State Highway Patrol Digital Investigations Unit are now investigating the incident and it could cost taxpayers up to $50 million.

  • Missouri Governor Says HTML Source Code ‘Decoded’ by ‘Hacker’ Reporter

    Gov. Mike Parson of Missouri announced that an individual stole Social Security numbers after they “decoded the HTML source code.” However, a local media publication is disputing this claim and saying the individual was their own reporter who warned Parson’s administration about the security flaw and let them fix it before reporting about it. The word “SSNs” began trending on Twitter after Parson’s announcement, as people pointed out that if the Social Security numbers were in the source code, that meant they were easily viewable by just hitting F12.