Security News for the Week Ending November 11, 2022
AstraZeneca Learns About Cloud Security – As Should You
Apparently, AstraZeneca left credentials to an internal server on GitHub for over a year. The credentials granted access to a test Salesforce environment that contained patient data. Once TechCrunch told them about it, they made the repository private. Who found that repo, who found the credentials, who checked out the Salesforce environment and who downloaded the patient data are all unknown. Are you sure this didn’t already happen to you in some form? How would you know? Credit: Nightfall
In Light of Twitter Chaos, Mastodon Now Has a Million Users
Mastodon, the open source alternative to Twitter, is growing rapidly in light of what is going on at Twitter. Still tiny, but rapidly growing. Probably something the folks at Twitter don’t like. Credit: Bleeping Computer
Twitter Users Reluctant to Pay for Checkmark
In a small survey (1,250 US adults), only 28% would pay the $8 a month fee for Twitter’s proposed checkmark. On the other hand, if a quarter of Twitter’s 250 million users are really willing to pay $8 a month for the service, that could change a lot in the social media world. Basically, you would then have a two-tier platform – the so-called haves and have nots. Would that cause the rest of the people to feel like outcasts and use the platform less or leave? Unknown. In addition, 25% say that the new proposal would improve the user experience while 45% say it would not. This is still really early, so we will watch what happens. If it is really done right, which they are still figuring out, it should improve security. Credit: Cybernews
The Continuing Saga of Twitter’s Paid Blue Checkmark
The whole purpose of the checkmark is to be able to differentiate scammers from legitimate users. Whatever Twitter is doing isn’t quite working. At least not yet. And it is embarrassing. Accounts impersonating Nintendo, Steam, Donald Trump, LeBron James, Rudy Giuliani and others appeared on the first day of operation. Twitter is trying to stomp these accounts out as they find them, but it is a game of whack-a-mole at the moment. Musk framed this as a win for Twitter because they got to keep the scammer’s $8 — which probably came from a stolen credit card, so not really. And the process is certainly costing them more than $8. They will probably sort things out, but it is not, at least initially, turning out as they hoped. Credit: Vice
Texas Hospital Ransomware Attack Gets Worse Over Time
The ransomware attack on Texas-based Oakbend Medical Center, which even knocked out phones and email for weeks, is getting worse. They have finally figured out that the hackers stole medical records for half a million patients. They say that they don’t believe the crooks were able to remove complete medical records but did steal personal and medical information. Apparently, they didn’t plan well enough and a half million customers get to pay the price. Oh yeah, and a whole bunch of lawyers get rich. Credit: Data Breach Today