General
From the Web
United States Department of Defense Embraces Hacker Certification to Protect US Interests
March 01, 2010 from: Saumil's Infosec Blog
The U.S. Department of Defense (DoD) announces the official approval of the EC-Council Certified Ethical Hacker (CEH) certification program as a new baseline skills requirement for U.S.cyber defenders. Specifically, the new Certified Ethical Hacker program is required for the DoD's computer network defenders (CND's), a specialized personnel classification within the DoD's information assurance wor...
Comments (1)
From the Web
21 more business sector breaches from 2009
February 27, 2010 from: Office of Inadequate Security
Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010
Comments (0)
From the Web
Call centre recordings could breach payment card industry security rules
October 15, 2009 from: Office of Inadequate Security
More than 95% of call centres were found to store customers’ credit card details in recordings of phone conversations in breach of industry rules, according to a survey conducted by a call recording technology company.
Comments (0)
From the Web
Probe Targets Archives’ Handling of Data on 70 Million Vets
October 01, 2009 from: Office of Inadequate Security
The inspector general of the National Archives and Records Administration is investigating a potential data breach of tens of million of records about U.S. military veterans, after the agency sent a defective hard drive back to its vendor for repair and recycling without first destroying the data.
Comments (0)
From the Web
UNC security breach less severe than feared
September 30, 2009 from: Office of Inadequate Security
A hacker who wormed into a UNC Chapel Hill computer server may not have gotten access to as much information as officials originally feared.
Comments (0)
From the Web
Houston police bust large ID theft ring
September 15, 2009 from: Office of Inadequate Security
Police have busted a Houston-based identity theft ring that victimized 457 people and 83 businesses scattered across 25 states, investigators announced today.
Comments (0)
From the Web
Heartland CEO: Credit Card Encryption Needed
September 15, 2009 from: Office of Inadequate Security
Grant Gross of IDG News Service reports that in testimony before the Senate Homeland Security and Governmental Affairs Committee yesterday, Heartland Payment Systems CEO Robert Carr was hit with a question about how the payment processor could have been breached for over one year and yet not detected it:
Comments (0)
From the Web
Lifelock loses another round in court
September 03, 2009 from: Office of Inadequate Security
Experian has issued a press release indicating that a federal court in California has denied LifeLock’s request to reconsider a ruling which found that LifeLock’s practice of setting 90-day fraud alerts on Experian and other credit bureaus was unlawful:
Comments (0)
From the Web
U. Vermont announces credit card breach
September 02, 2009 from: Office of Inadequate Security
Unversity of Vermont recently discovered that the security of up to 242 university-funded credit cards has been compromised. Ann Naylor of UVM Procurement services said in a statement that UVM is unaware of how the breach occured.
Comments (0)
From the Web
Security test prompts federal fraud alert
August 28, 2009 from: Office of Inadequate Security
A sanctioned security test of a bank’s computer systems had some unexpected consequences this week, leading the federal agency that oversees U.S. credit unions to issue a fraud alert.
Comments (0)
From the Web
School district hiding behind a criminal investigation - parent
August 26, 2009 from: Office of Inadequate Security
On the principle of “no good deed goes unpunished,” some of those who have discovered and reported breaches have been terminated or prosecuted for their actions...
Comments (0)
From the Web
Finance company identifies 294 recipients of non-payment legal threat
August 18, 2009 from: Office of Inadequate Security
A finance company has disclosed the email addresses of 294 customers that it says are behind in their repayments to the firm. The company emailed the customers but did not hide the addresses of everyone it contacted.
Comments (0)
From the Web
Data security breach notification law update
August 07, 2009 from: Office of Inadequate Security
This is a brief timeline of the latest in legislative changes surrounding requirements for reporting a security breach.
Comments (0)
From the Web
Clarence employees criticized in audit
July 31, 2009 from: Office of Inadequate Security
The Clarence High School [Buffalo, NY] principal and other district employees repeatedly used district computers for personal use, the state comptroller’s office said.
Comments (0)
From the Web
Security Threat Statistics Resources
July 06, 2009 from: Writing Secure Software
Some good links to Threat Statistics.
Comments (0)
From the Web
Identity Theft and Phishing and How Affects Financial Institutions
July 06, 2009 from: Writing Secure Software
In the USA, online fraud has overtaken viruses as the greatest source of financial loss. Among on-line fraud threats, phishing represents a major threat for financial institutions and according to the Anti-Phishing group organization, 93.8% of all phishing attacks in 2007 are targeting financial institutions.
Comments (1)
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers
- NSA Surveillance Is Legal And Not Targeting Average Americans, Says Texas A&M Professor