December 04, 2012 Added by:Kelly Colgan
I’m a South Carolina taxpayer, and therefore, a potential victim of the massive South Carolina Department of Revenue Breach. I work in the identity theft and data risk industry, so when I heard about how everything was being handled and what was being offered, I was upset...
November 29, 2012 Added by:Pierluigi Paganini
The group of hackers who named itself Parastoo Farsi have exposed contacts for more than 100 nuclear experts and scientists, the word Parastoo is Farsi and refers to a bird species like the swallow and an Iranian girl's name...
November 09, 2012 Added by:Mikko Jakonen
Criminals or 'adversaries' do not care about your papers. Period. Only a skilled set of controls, wisdom, and discipline in management secures the environment. Attackers will utilize every means to gain access your beloved environment...
September 28, 2012 Added by:Tripwire Inc
The fact that usernames and passwords were being logged to a plaintext file itself is problematic, even if the passwords are being hashed when stored in a database, if such data is logged in plain text it defeats the entire purpose...
September 26, 2012 Added by:Pierluigi Paganini
A possible Iranian cyber offensive against US banks has been discussed recently, and immediately denied by government of Teheran. Financial institutions are targets for a cyber attacks, as the banking system is a critical asset for a nation and its paralysis could damage economic activities...
September 19, 2012 Added by:Christopher Laing
For collective intelligence directed at security breaches, I would argue, that an effective means of transparently sharing details without fear of recrimination and embarrassment would greatly reduce the impact of such breaches. Fine idea, but how can this be achieved?
September 19, 2012 Added by:Michael Ligh
Explore undocumented windows kernel data structures related to window station objects and the clipboard. Detect clipboard-snooping malware using Volatility - an advanced memory forensics framework...
September 18, 2012 Added by:Michael Ligh
Learn about the undocumented windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...
September 13, 2012 Added by:Robert Siciliano
A 60-day window covers two billing cycles, enough for most account-conscious consumers who keep an eye on their spending. Victims of fraudulent credit card charges only wind up paying the unauthorized charges if they fail to report the credit card fraud within 60 days...
September 11, 2012 Added by:Pierluigi Paganini
Excluding attacks by foreign governments and cyber criminals that exploit 0-days, with best practices and the adoption of compliance at the current standard, in matters of security it is possible to avoid data breach incidents, or at least reduce the amount of exposed information...
August 16, 2012 Added by:Brian Dean
The bottom line: Hacking is lucrative and can be executed from nearly anywhere in the world. Security professionals should be providing risk assessment results annually to executive management. Of course, providing a list of vulnerabilities is probably career limiting. This is the balancing act we must perform...
August 06, 2012 Added by:David Navetta
The Holmes decision further underscores difficulties in securing any recovery on a data breach lawsuit absent actual identity theft. However, the lengthy history of this case — dating back to 2008 including a challenge to a Court approved settlement — highlights that such cases are protracted and costly to defend...
July 27, 2012 Added by:Kelly Colgan
It’s not just about protecting ourselves from identity theft or fraud like when our account number or government-issued ID numbers are exposed. It’s what I like to call privacy for the sake of privacy. Just knowing that someone could be looking at our personal histories doesn’t sit well with the public...
July 23, 2012 Added by:Kelly Colgan
When comparing the bill to existing state laws on the subject, the lack of focus on consumer protection and an emphasis on making it business-friendly become evident. It becomes evident not by looking at what the bill contains, but by looking at what is purposely missing...
July 20, 2012 Added by:Headlines
"While the media is reporting a growing number of high profile data breaches, some small businesses may also be a popular target for hackers because their systems are usually easier to get into and the breach may not be found out for a good few weeks...”
July 17, 2012 Added by:Megan Berry
Legal fees, clean-up costs, lost business and damage to an organization’s reputation: consequences of a business being hit with a data breach. Cost can be significant, which is why it is critical to properly respond after a data breach...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015