A researcher named Robin Justin detailed how he exploited vulnerabilities in India’s Sarathi Parivahan website, accessing the personal identifiable information (PII) of 185 million citizens. He found several insecure endpoints that allowed him to access names, addresses, and driving license numbers. After reporting these vulnerabilities to India’s Computer Emergency Response Team (CERT-IN), he also discovered a weak one-time password (OTP) system for an administrator account. Both issues have been resolved.
Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted
