Tag: Orange | Page 2

Security glitch enabled website to publish attorney discipline records, State Bar says – Orange County Register

March 1, 2022/in Computer Security

A public records website inadvertently published 260,000 confidential attorney discipline documents due to a security glitch within the State Bar of California’s case management system, not as a result of a malicious computer hack, officials said Monday.

The State Bar, in what was initially described as a “breach,” first discovered Friday that judyrecords.com had published the confidential documents along with about 60,000 public State Bar court cases.

The State Bar learned the documents were public after someone who had complained about an attorney told an investigator from its Office of Chief Trial Counsel about the judyrecords website. Judyrecords removed the documents on Saturday.

Judyrecords initially posted limited case profile information for approximately 260,000 nonpublic cases. The site owner has provided the State Bar with preliminary analytical data of its website traffic, showing that approximately 1,000 unique page views by the public.

“We are working closely with judyrecords to firmly identify the cases which were actually viewed,” the State Bar said in an email.

“It is now the State Bar’s belief that there was no malicious hack of its system,” the agency said in a statement. “Instead, it appears that a previously unknown security vulnerability in the Tyler Technologies Odyssey case management portal allowed the nonpublic records to be unintentionally swept up by judyrecords when they attempted to access the public records, using a unique access method. The State Bar is working with Tyler Technologies, the maker of the Odyssey system, to remediate the security vulnerability, which we believe may not be unique to the State Bar’s implementation and could impact other users of Odyssey systems.”

Tyler Technologies did not respond Monday to a request for comment.

The State Bar and judyrecords are working together to ensure that the nonpublic records are permanently purged from the site and that public records remain available.

The State Bar Court website allows the public to search for publicly available case information. However, state law requires that all attorney disciplinary investigations remain confidential until formal charges are filed…

Source…

Security Navigator 2022 Report From Orange Cyberdefense Sheds Light On Digital Pandemic / Digital Information World

December 21, 2021/in Computer Security

Cyber attacks that can lead businesses to terminate themselves or protect themselves from further attacks are spreading rapidly. This is why experts are now referring to these attacks as a “digital pandemic”.

Europe’s leading security service provider, Orange Cyberdefense, has recently shared their Security Navigator report for 2022. This report features research work along with some insights on the system and views from some leading experts based on the cyber threats globally.

As per the report, the ongoing year witnessed almost 95,000 cyber attacks. The number of attacks went up by 45,398 from the previous year. Similarly, in comparison to thirty-seven attacks per month in 2020, the ongoing year is led by almost forty-two attacks. Such attacks that were mostly reported by the victims were based on system malware, network abnormalities (for example, tunneling), abnormalities faced in accounts and getting phished through socially engineered attacks.

According to the statistical analysis, small-scale businesses had the lowest attack rate of just seventeen percent. While dissecting further into the types of attacks, it was observed that almost thirty-five percent were linked with system malware, closely followed by application and network abnormalities with twenty-nine percent, and the least type was found to be account irregularities with just fourteen percent. Though small-scale platforms had the lowest attack rate, in comparison to attacks done in 2020, the numbers have now gone up by almost ten percent. Moreover, according to Orange Cyberdefense, the attack rate increases gradually with the level of business, but in the case of small platforms, they experience thirty-percent more cyber attacks as compared to middle-class businesses. One reason for the increase in attack frequency could be that these types of businesses usually do not invest much in anti-cyber attack software as compared to medium or large-scale businesses. This is why these platforms are more vulnerable to cyber hackers and, as a result, they experienced more attacks this year.

Mid-level businesses, on the other hand, accounted for nearly a third of all reported cyber crime cases. The major portion of these…

Source…

Orange warns of rising cyberattacks on mobile devices

December 9, 2021/in Mobile Security

Orange Cyberdefense, the managed security services provider of the France-based Orange Group, has just released its latest report with some pretty concerning findings especially for those of us that use a mobile device (so most of us, then).

According to the snappily named Security Navigator 2022, there was a 13% increase in cyberattacks on enterprises over the past 12 months. For the first time, a noticeable wave of attacks against mobile devices was detected from the third quarter.

While a total 94,806 incidents were flagged as being potential threats, 34,156 (36%) were ultimately confirmed to be legitimate security incidents. More than a third (38%) of all confirmed security incidents were classified as malware, including ransomware an increase of 18% compared with 2020. “The single emergent threat that stands out head and shoulders over the rest in our advisories, is that of cyber extortion, or ransomware,” the report said.

The report also found that mobile operating systems like iOS and Android in a business context are an increasingly popular target for exploits. Orange Cyberdefense warned that the situation is likely to get worse in future, as vulnerabilities find their way into the criminal ecosystem.

Indeed, the report said Apple’s iOS mobile operating system appeared in twice as many advisories in the first three quarters of 2021 as in the preceding three quarters.

“It seems apparent to us that there has been a wave of vulnerabilities and attacks against this platform in the last few months that have required urgent patching by our users,” the report said. “Many of the vulnerabilities appear to emerge from the ever-present ‘cyber military complex’ that is prepared to invest vast sums of money to access the mobile phone of an individual who is of political interest to some government or the other.”

Inverse pandemic effect

As was the case in the 2021 report, Orange indicated that the COVID-19 pandemic had comparatively little effect on cyberattacks or at least not in the way that might have been expected.

Charl van der Walt, head of the security research center at Orange Cyberdefense, noted that cyberattacks tend to decrease during…

Source…

CSUF cybersecurity students test their ‘ethical hacking’ abilities – Orange County Register

January 22, 2021/in Computer Security

It has been said that the best defense is a good offense. So, although many cybersecurity experts and firms go to great lengths to defend themselves from attack, the idea of “offensive security” has become an important component in computer science.

On Jan. 7-10, a squad of Cal State Fullerton students had a chance to test its offensive capabilities by competing in the National Collegiate Penetration Testing Competition. Junior-high snickering that the name conjures aside, the tournament is one of the top collegiate cybersecurity competitions in the country.

Corporations and countries are always looking to build a better mousetrap, and the mice — or hackers — will always look for new ways to beat, circumvent, infiltrate or otherwise disable them.

As a result, offensive security studies approach the field from a hacker’s perspective by exploring how to attack systems. There’s even a term in the lexicon: “ethical hacking.”

According to Mikhail Gofman, director of Cal State Fullerton’s Center for Cybersecurity, independent attack-testing companies have become a robust part of the industry and thousands of security jobs are out there, many that pay well.

“This is the kind of skill set that is very much in demand,” he said.

The tournament was created in 2015 and held virtually this year for the first time due to the pandemic. The tourney featured an international field of 15 schools, including Rochester Institute of Technology, Stanford, Cal Poly Pomona, Bournemouth University in England and RIT-Dubai.

A year after failing to make the tournament, the Titans qualified with a fourth-place finish in the Western Regionals behind City College of San Francisco, Cal Poly and Stanford.

Sixty-seven universities from across the globe competed in their respective qualifying competitions.

This year, RIT, the traditional home for the national competition in nonpandemic times, won the title, followed by Stanford and Cal Poly Pomona. Teams out of the top three were not individually named.

In 2018, Fullerton finished in second place in the national finals.

The Titan team will return all but one of its members to school next year.

Cal State Fullerton junior Josiah Peedikayil…

Source…

Tag Archive for: Orange