• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
AskCyber Home » News » News » Cyber Security News Update 3/23/2019

Cyber Security News Update 3/23/2019

2019-03-22 by Max

FEMA has had a major security incident that has left the private data of several million people exposed, which includes their personal addresses and financial information. The breach affects some 2.6 million people who used FEMA’s Transitional Sheltering Assistance program, and while how far back the data stretches we do know that individuals from the 2017 wildfires in California had their data exposed. The breach appears to have occurred due to FEMA sharing its data with contractors that provide assistance, but whether this means that the contractor suffered the breach or FEMA did is unclear.

Currently, FEMA has been instructed to create better controls that will allow it to ensure that any data that leaves FEMA to a contractor can be destroyed and that proof of its destruction is obtainable. FEMA has stated that since it discovered the breach in December of 2018 that it has installed an automatic filtering system that prevents personal data from accidentally leaving the FEMA systems and has inspected its premises, systems, and methods twice with outside experts. Source: FEMA ‘major privacy incident’ reveals data from 2.5 million disaster survivors

A spyware vendor has left their servers completely exposed and unencrypted, which means that anyone who can find the servers can see everything that’s stored on them. While this would normally be a concern from alarm and a rapid fix, the contents of these servers are particularly personal as they come from stalkerware. Stalkerware, or spyware, are programs designed to allow someone else to view what a device is doing and collect information from it such as its location, state, and other identifying data. These apps are sold for people who suspect their children or loved ones of doing something, and are massive invasions of privacy. These apps are often marketed under the auspice that they can be used to find a lost device since they can be used to ping the device’s location.

The developer of a certain family of stalkerware has left their servers completely open, and there are several gigabytes of photos and audio floating around somewhere on the web. Currently security researches have declined to name the company, and rightly so, because the moment they publicly name the company those servers are going to be swarmed by people looking to steal the data. The researchers who found the exposed servers have reached out several times to the owner of the servers as well as the host, without results.
Source: This Spyware Data Leak Is So Bad We Can’t Even Tell You About It

The NSA released its reverse engineering tool, named “Ghidra” to the public a few weeks ago and already a vulnerability has been found in it. Ghidra is designed to allow users to see how a virus works, without providing them with a completed version of the code. The bug allows for users to upload infected code and reproduce the malware that caused the damage, without having to do much work themselves. This would allow anyone the ability to clone dangerous malware such as NotPetya or EternalBlue.
Source: NSA’s Ghidra already found to be plagued by a security vulnerability

Filed Under: News

About Max

Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version