Breaches

58bc13ef5da5ac4fc32d41c3fbc0e460

Lessons from the Nortel Networks Breach

February 16, 2012 Added by:Suzanne Widup

Much is being published about how inappropriate the response to the Nortel incident was, but it demonstrates an important point for companies - how do you know when you’ve done enough? How do you tell when an incident is over, and you should go back to business as usual?

Comments  (0)

9f19bdb2d175ba86949c352b0cb85572

The Truth Behind Data Breaches

February 16, 2012 Added by:Neira Jones

SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...

Comments  (7)

37d5f81e2277051bc17116221040d51c

One in Three Massachusetts Residents’ Records Breached

February 15, 2012 Added by:Robert Siciliano

Massachusetts has one of the most stringent data protection laws on the books. Companies are now reporting when even a single individual’s information has been compromised. Despite strict security requirements, companies are continually being hacked in record numbers....

Comments  (0)

F29746c6cb299c1755e4087e6126a816

Your Name and SSN - All a Thief Needs for Tax Fraud

February 14, 2012 Added by:Kelly Colgan

The IRS has seen a significant increase in the number of fraud cases involving identity theft, according to Steven Miller, IRS deputy commissioner for services and enforcement. Addresses don’t mean anything. All a thief needs is your name and Social Security number...

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

KPN Hack: Why was Customer Notification Delayed?

February 13, 2012 Added by:Pierluigi Paganini

The login credentials were stored in plain text in the repository that had been exposed, and that is absurd. This is a failure of the basic security procedures that should be recognized internationally, and is an offense for which there should be heavy penalties...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Hacker Boasts of Intel Corporation Network Breach

February 13, 2012 Added by:Headlines

A hacker who goes by the handles "WeedGrower" and "X-pOSed" claims to have breached tech giant Intel and to have gained access to an Intel.com subscriber database that contains sensitive information including passwords, social security and credit card numbers...

Comments  (0)

Ba829a6cb97f554ffb0272cd3d6c18a7

Did the 2006 Symantec Breach Expose RSA's SecurID?

February 10, 2012 Added by:Kevin McAleavey

The Symantec leak could pose a risk to RSA's SecurID. Examination of the source code for PCAnywhere turned up something disturbing - numerous header files and several libraries belonging to RSA, and SecurID code is part of the exposed PCAnywhere product source code...

Comments  (23)

9f19bdb2d175ba86949c352b0cb85572

Incident Response: Have You Got a Plan?

February 06, 2012 Added by:Neira Jones

We should always aim to reduce the frequency of security incidents by effectively securing networks, systems, applications and have the appropriate policies and processes in place, and the NIST report helps in providing guidelines on responding to incidents effectively...

Comments  (0)

6d117b57d55f63febe392e40a478011f

Update: Alleged Source Code Thieves Attempt to Extort Symantec

February 06, 2012 Added by:Anthony M. Freed

Anonymous-aligned hacker YamaTough, the spokesperson for the hacktivist group “The Lords of Dharmaraja”, falsely accused Symantec of attempting to bribe the group in order to prevent the release of source code for the company's PCanywhere product, among others...

Comments  (7)

Ebbcdce0dfc85abf519d8b44a017f687

Data Privacy: Oxymoron, Wishful Thinking, or Strategic Goal?

February 03, 2012 Added by:Brian Dean

Consumers are desensitized to breaches, as evidenced by the meager rate of consumers applying for free credit monitoring services after a company breach. If you analyze the data that was breached, sometimes you have to ask, “Why are they even collecting all of that data?”

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

VeriSign Hacked - But Why?

February 03, 2012 Added by:Pierluigi Paganini

The impairment of these mechanisms could lead to the redirection of traffic to bogus sites with serious consequences - and not just that - the compromise of the Digital Certificate model itself raises the risk for the interception of emails and confidential documents...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Data Loss Doesn’t Always Mean Getting Hacked

February 03, 2012 Added by:Robert Siciliano

Recently UCLA announced 16,000 patients were potential victims of identity theft because a doctor’s home office was broken into and data stolen. Data breaches cost big bucks. Encryption in this scenario failed due to a password on a sticky note near the laptop...

Comments  (0)

296634767383f056e82787fcb3b94864

Did Symantec's 2006 Breach Impact These High Risk Customers?

February 01, 2012 Added by:Jeffrey Carr

As the world's largest vendor of security software, the breach puts all of its corporate and government customers at risk, because if Symantec didn't know the extent of its breach back then, how do Symantec's customers know that their current product line is safe to use?

Comments  (0)

595640009b9ff10ec4d781330e3a9a40

Why Infosec Forced Me to Get an MBA

January 31, 2012 Added by:Don Turnblade

How much did restoring, repairing, reimaging, improved firewall rules, down time, legal fines, or direct fraud cost per event? Asking what it is may be too close to that great low pressure system, and you do not need to be struck by lightning. I won't ask and you won't tell...

Comments  (0)

58bc13ef5da5ac4fc32d41c3fbc0e460

Leaking Vault Update: Records Breached Figure Passes One Billion

January 31, 2012 Added by:Suzanne Widup

Although 2007 and 2008 grew the most in terms of additional incidents being disclosed, 2008 showed the highest number of additional records, with almost 95 million. Though 2011 is not the highest in terms of incidents, it is now the leader for records disclosed thus far...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Symantec: Too Many Doubts - Disable pcAnywhere Software

January 26, 2012 Added by:Pierluigi Paganini

"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," Symantec said in the white paper...

Comments  (4)

Page « < 10 - 11 - 12 - 13 - 14 > »