20th July, 2018 By Stacy Cowley
Automakers like Tesla, Toyota and Volkswagen go to great lengths to keep their technical information confidential. Details about assembly line machinery and proprietary robotics are among the industry’s most closely guarded trade secrets.
But this month, a security researcher came across tens of thousands of sensitive corporate documents — including many from nearly all of the largest auto manufacturers — on the open internet, unprotected. The trove included material from more than 100 companies that had interacted with a small Canadian company, Level One Robotics and Controls.
Among the documents were detailed blueprints and factory schematics; client materials such as contracts, invoices and work plans; and even dozens of nondisclosure agreements describing the sensitivity of the exposed information.
Full Article.
25th July, 2018 By Paul Ducklin
What’s worse than a world-readable copy of your customers’ data that any hackers with time on their hands (or even just a bit lof luck) might stumble across?
How about a world-readable set of customer data that’s also world writable?
That way, once crooks have downloaded the entire trove, they can snoop through the stolen data, make a bunch of subtle (or even not-so-subtle) changes…
…and upload the alterations back to your server.
That way, they get a chance to make history, not merely to snoop on it.
Full Article.
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.