The Caos Computer Club (CCC) accused the Trust service provider D-Trust of “cyber iVash” instead of facing its responsibility after searching for safety leakage. That is why CCC spokesperson Linus is offering a 5 -point plan to the company.
Advertisement
The person who discovered API vulnerability contacted the CCC instead of communicating directly with the de-trust. The reason for safety researchers is the reason for the lack of legal protection for the safety researchers. While the D-Trust speaks of “targeted manipulation” and a criminal complaint is filed, the CCC emphasizes that no approach security was sidelined.
Judgment: Google liable as a tortfeasor for fraudulent advertisements under DSACCC recommends Following this incident, a 5-citizen plan, according to which, among other things, the company will have to take responsibility for compliance with state-of-the-art and thus “safety standards of the current century”. In addition, the CCC is again demanding to eliminate the hacker paragraph and punishment by the federal commissioner for data protection and freedom of information.
In podcast “Logbook: Network PolicyPneumon said that in his opinion, those responsible for open APIs should face criminal allegations. Instead, the data was posted on the Internet without adequate protection, which according to the pneumon, the de-trust must clarify.
After reporting the attack on its application portal for the signature and seal card by D-Trust last week, Pneumon approached the company in an email and informed them that an anonymous security researcher up to data through an open API Has made access. The data was completely removed.
On 13 January, D-Trust announced that the data was read from an interface on the “portal.d-trust.net” portal and the company filed a criminal complaint. “Electronic Healthcare Professional Card (EHBA) and Practice or Institute Card (SMC-B) application data” were also affected. Doctors require these special credentials to exchange health care data – to reach telematics infrastructure – and signs documents.
(Mac)
Bundestag Election: Regulators X, Tikk, Meta & Co..
