General
The Data Compromise Evolutionary Clock Is Ticking
August 22, 2012 Added by:Kelly Colgan
The digitization of medical records may make folks queasy, but it is also efficient, offering an opportunity to save both money and lives. It is in fact inevitable. Unfortunately, so are data breaches and the identity compromises that follow. We need to be deadly serious because lives are at literally at stake...
Comments (0)
Oracle Security Alert Analysis
August 19, 2012 Added by:Alexander Rothacker
So, what is this new vulnerability all about? It’s a privilege escalation vulnerability that gives an attacker SYSDBA privileges. In order to perform the exploit, one needs to have CREATE TABLE and CREATE PROCEDURE privileges as well as EXECUTE privileges on DBMS_STATS package...
Comments (0)
Ticking Time-Bombs: Production Data in Non-Production Systems
August 03, 2012 Added by:Rafal Los
While it's not really OK to have a vulnerable application sitting out on the 'net, at least if it's in "stage" mode it shouldn't have real data... right? Unfortunately this wasn't the case in many of the incidents I experienced. It's time to remind ourselves that anything that is accessible should be well protected...
Comments (0)
Big Data Analytics: On Structured and Unstructured
July 08, 2012 Added by:Ben Kepes
Analysis of unstructured data is the hot topic these days – organizations are lured by the promise of deriving huge incremental value by gaining insights from crunching vast pools of seemingly random numbers to determine patterns and trends. It’s not a huge surprise that structured data analytics gets forgotten...
Comments (0)
Two-Thirds of Management Don’t Know Where Their Data Is
June 25, 2012 Added by:Headlines
“The most disturbing findings were the number of companies that report they have no way to track what data is being stored in the cloud, no process to manage access to that data (or plans to do so), and that management doesn’t know where enterprise data is stored. This should act as a wakeup call for organizations..."
Comments (1)
Disposal Dummies Cause Privacy and Security Problems
June 21, 2012 Added by:Rebecca Herold
Information disposal is now a legal requirement for basically all businesses of all sizes, and it simply makes sense to dispose of information securely as an effective way to prevent breaches. Having effective disposal policies, procedures and technologies in place demonstrates reasonable due diligence...
Comments (1)
Top Five Fundamentals of Network Security
June 14, 2012 Added by:Megan Berry
There are many factors that can bring down your networks and compromise data, including criminals, carelessness and disgruntled employees. The hardware, software, and policies that make up the layers of network security defend your company’s systems from these threats. What are the most common threats?
Comments (1)
NIST Conducts Big Data Workshop
June 14, 2012 Added by:Infosec Island Admin
In this first NIST 'Big Data' workshop, key national priority topics will be explored, including examples from science, health, disaster management, security, and finance. At the same time, topics in emerging technology areas including analytics and architectures will also be discussed...
Comments (0)
Big Brother Likes Big Data: Balancing Privacy with Innovation
June 05, 2012 Added by:Rebecca Herold
Big Data and associated analytics can be used to improve business and customer experiences and bring innovation and medical breakthroughs. However, organizations must make sure they don’t cross that line of customization and business improvements into creepiness and full-blown privacy invasion...
Comments (0)
Ensuring Data Integrity via Checks, Tests, and Best Practices
June 04, 2012 Added by:Fergal Glynn
As a process, data integrity verifies that data has remained unaltered in transit. As a state or condition, it is a measure of the validity and fidelity of a data object. As a function related to security, means information is exactly as it was inputted and is auditable to affirm its reliability...
Comments (0)
How to Secure Patient Data in a Healthcare Organization
May 23, 2012 Added by:Danny Lieberman
If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”
Comments (0)
Small Merchant Data Security: Helping Them Help Themselves
May 17, 2012 Added by:Stacey Holleran
Many small merchants—whether selling online or brick-and-mortar, or both—don’t have the technological background to understand the steps necessary for protecting the cardholder information and other sensitive data that passes through (and may be stored in) their business systems...
Comments (0)
Growing Mistrust of India’s Biometric ID Scheme
May 14, 2012 Added by:Electronic Frontier Foundation
In India, a massive effort is underway to collect biometric identity information for each of the country’s 1.2 billion people. The incredible plan has stirred controversy in India and beyond, raising serious concerns about the security of individuals’ personal data...
Comments (0)
Taming the WWW or Wild Wild West
May 13, 2012 Added by:Jayson Wylie
There is a reason the security world refers to exploitation on the Internet to activity ‘in the wild’. A comparison can be made to the lawless, tough and unforgiving world of the Wild West in American history. You can get your stuffz or scalp taken...
Comments (0)
Where is My Information?!?!
May 10, 2012 Added by:Marc Quibell
Here's the problem - too many people have too much information about you, stored in or on who-knows-what, and who-knows-where. The risks of having your identity stolen and used are astronomical. All it requires is someone on the receiving end putting it all together...
Comments (0)
Six Good Reasons to De-Identify Data
May 08, 2012 Added by:Rebecca Herold
Even though it sounds complicated there are many good methods you can use to accomplish de-identification. The great thing is, under many legal constructs de-identification is an acceptable way to use personal information for purposes beyond which the personal data was collected...
Comments (2)
- Financial Malware Fell in 2014 As Takedown Operations Have Impact
- Resource Scarcity Plaguing Security Programs
- The ‘ABC’ of the ‘APT’
- EFF Joins Civil Society and Computer Security Experts to Call for Rejection of Flawed Cybersecurity Legislation
- Suits and Spooks London: Register Now for Early Bird Rate
- Angler Exploit Kit Uses Domain Shadowing to Evade Detection
- Is Compliance Bad for Security?
- Malware Can Hide in a LOT of Places
- Weaknesses in Air Traffic Control Systems are a Serious Issue for FAA
- PlugX Malware Adopts New Tactic in India Attack Campaign