Encircle News!

Retro Game Arcade
, , ,

US court software and systems have some worrying security flaws

TechRadar – All the latest technology news

Nineteen platforms used by courts and governments in the United States carried critical vulnerabilities that allowed threat actors to tamper with the stored information.

This means highly sensitive information, such as voter data, medical information, and similar, was available for anyone with even rudimentary coding skills, who could have added, changed, or completely removed, the information stored in these platforms.

The warning comes from software developer and cybersecurity researcher Jason Parker, who recently analyzed the platforms used by hundreds of courts, government agencies, police departments, and other critical public organizations, and in an in-depth analysis posted on his blog, noted the platforms failed “at the most fundamental level of cybersecurity.”

No evidence of abuse

The 19 platforms that carried critical vulnerabilities are Inmate Management, Court Case Management Plus, CMS360, CaseLook, eFiling, GovQA, EZ-Filing (v3 and v4), Officer Profile Portal, C-Track, GovQA, Voter Cancellation, and a handful of in-house built platforms. The majority of the flaws revolve around weak permission controls, it was said. Other notable mentions include poor user input validation processes, and flawed authentication processes.

“If a voter’s registration can be canceled with little effort and confidential legal filings can be accessed by unauthorized users, what does it mean for the integrity of these systems?” Parker questioned.

The silver lining here is that there is no evidence of these flaws being exploited in the wild. Still, vendors need to step up and fix the bugs immediately, something customers should demand, as well, Parker stressed. Vendors should also actively engage in pentesting, software audits, employee training, and more. Multi-factor authentication (MFA) should be omnipresent in these platforms, he believes.

“This series of disclosures is a wake-up call to all organizations that manage sensitive public data,” Parker wrote. “If they fail to act quickly, the consequences could be devastating—not just for the institutions themselves but for the individuals whose privacy they are sworn to protect.”

Via Ars Technica

More from TechRadar Pro

https://www.techradar.com/pro/security/us-court-software-and-systems-have-some-worrying-security-flaws

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow Us

Featured Posts

October 2024
M T W T F S S
 123456
78910111213
14151617181920
21222324252627
28293031  

About Us

Welcome to encircle News! We are a cutting-edge technology news company that is dedicated to bringing you the latest and greatest in everything tech. From automobiles to drones, software to hardware, we’ve got you covered.

At encircle News, we believe that technology is more than just a tool, it’s a way of life. And we’re here to help you stay on top of all the latest trends and developments in this ever-evolving field. We know that technology is constantly changing, and that can be overwhelming, but we’re here to make it easy for you to keep up.

We’re a team of tech enthusiasts who are passionate about everything tech and love to share our knowledge with others. We believe that technology should be accessible to everyone, and we’re here to make sure it is. Our mission is to provide you with fun, engaging, and informative content that helps you to understand and embrace the latest technologies.

From the newest cars on the road to the latest drones taking to the skies, we’ve got you covered. We also dive deep into the world of software and hardware, bringing you the latest updates on everything from operating systems to processors.

So whether you’re a tech enthusiast, a business professional, or just someone who wants to stay up-to-date on the latest advancements in technology, encircle News is the place for you. Join us on this exciting journey and be a part of shaping the future.

Podcasts

TWiT 999: Bananas and Browsers – CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews This Week in Tech (Audio)

CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews Sam Altman's AI Manifesto News from Meta Connect Gavin Newsom vetoes sweeping AI safety bill, siding with Silicon Valley The Panel discusses CoPilot The Panel debates AGI James Cameron Joins Board of Stability AI in Coup for Tech Firm SAG-AFTRA Calls Strike Against 'League of Legends' Rabbit says only 5,000 people use the R1 daily Orion: True AR Glasses Have Arrived AI smackdown: How a new FTC ruling just protected the free press DoNotPay has to pay $193K for falsely touting untested AI lawyer, FTC says Firefox Review Checker – Ensure review authenticity in your online shopping New California law requires one-click subscription cancellations The DOJ sues Visa for locking out rival payment platforms NIST proposes barring some of the most nonsensical password rules Some Mad Genius Put ChatGPT on a TI-84 Graphing Calculator 23andMe troubles, company recently settled data insecurity suit for $30 mil Host: Leo Laporte Guests: Denise Howell, Parmy Olson, Daniel Rubino, and Henry Laporte Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: lookout.com 1password.com/twit shopify.com/twit veeam.com flashpoint.io
  1. TWiT 999: Bananas and Browsers – CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews
  2. TWiT 998: Artisanal Locally-Sourced Dopamine – Amazon Returns to Office, CA AI Bill, Elon Backs Down
  3. TWiT 997: Put an OLED on it – iPhone Event 2024, $700 PS5, AI in AU
  4. TWiT 996: The Quiet Office Crackdown – Starlink Backtracks, AI Royalty Heist
  5. TWiT 995: The Story of Us – AnandTech Shuts Down, Brazil Bans X, Alexa Revamp