Breaches

Fd7e078e5bfb68a4be33cbfac76f4f70

Detecting Window Stations and Clipboard Monitoring Malware with Volatility

September 19, 2012 Added by:Michael Ligh

Explore undocumented windows kernel data structures related to window station objects and the clipboard. Detect clipboard-snooping malware using Volatility - an advanced memory forensics framework...

Comments  (0)

Fd7e078e5bfb68a4be33cbfac76f4f70

Recovering Login Sessions, Loaded Drivers, and Command History with Volatility

September 18, 2012 Added by:Michael Ligh

Learn about the undocumented windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...

Comments  (0)

37d5f81e2277051bc17116221040d51c

How to Handle a Credit Card Breach While Abroad

September 13, 2012 Added by:Robert Siciliano

A 60-day window covers two billing cycles, enough for most account-conscious consumers who keep an eye on their spending. Victims of fraudulent credit card charges only wind up paying the unauthorized charges if they fail to report the credit card fraud within 60 days...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Rapid 7 Analysis of Data Breach Incidents

September 11, 2012 Added by:Pierluigi Paganini

Excluding attacks by foreign governments and cyber criminals that exploit 0-days, with best practices and the adoption of compliance at the current standard, in matters of security it is possible to avoid data breach incidents, or at least reduce the amount of exposed information...

Comments  (0)

Ebbcdce0dfc85abf519d8b44a017f687

How Security Professionals Can Better Protect Against Data Breaches

August 16, 2012 Added by:Brian Dean

The bottom line: Hacking is lucrative and can be executed from nearly anywhere in the world. Security professionals should be providing risk assessment results annually to executive management. Of course, providing a list of vulnerabilities is probably career limiting. This is the balancing act we must perform...

Comments  (2)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Court Dismissed Another Data Breach Suit

August 06, 2012 Added by:David Navetta

The Holmes decision further underscores difficulties in securing any recovery on a data breach lawsuit absent actual identity theft. However, the lengthy history of this case — dating back to 2008 including a challenge to a Court approved settlement — highlights that such cases are protracted and costly to defend...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

Losing Trust: Canadian Data Breach Spotlights Human Error

July 27, 2012 Added by:Kelly Colgan

It’s not just about protecting ourselves from identity theft or fraud like when our account number or government-issued ID numbers are exposed. It’s what I like to call privacy for the sake of privacy. Just knowing that someone could be looking at our personal histories doesn’t sit well with the public...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

Latest Data Breach Notification Bill Won’t Go Far

July 23, 2012 Added by:Kelly Colgan

When comparing the bill to existing state laws on the subject, the lack of focus on consumer protection and an emphasis on making it business-friendly become evident. It becomes evident not by looking at what the bill contains, but by looking at what is purposely missing...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

One in Ten Small Businesses Experienced a Data Hack

July 20, 2012 Added by:Headlines

"While the media is reporting a growing number of high profile data breaches, some small businesses may also be a popular target for hackers because their systems are usually easier to get into and the breach may not be found out for a good few weeks...”

Comments  (0)

02a6d0efd54c7388e26f125d8df83671

Notifying Customers About a Data Breach: Five Rules

July 17, 2012 Added by:Megan Berry

Legal fees, clean-up costs, lost business and damage to an organization’s reputation: consequences of a business being hit with a data breach. Cost can be significant, which is why it is critical to properly respond after a data breach...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Study Finds Minimal Transparency in Breach Reports

July 17, 2012 Added by:Headlines

"Other than breaches reported by the media and a few progressive state websites, there continues to be little or no information available on many data breach events. The public has no way of knowing just how minor or serious the data exposure was for any given incident," ITRC states...

Comments  (0)

C4363f41d25c216c53c8d71a1ac44a90

Netherlands to Establish Mandatory Breach Notification

July 11, 2012 Added by:Matthijs R. Koot

In 2012, Netherlands will establish mandatory breach notification for vital sectors, giving the government increasing sectoral intervention possibilities. This includes the authority to obtain information, administrative enforcement of designations and the authority to appoint an officer on behalf of the government...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Lack of Basic Security Practices Results in $1.7 Million Sanction

July 02, 2012 Added by:Rebecca Herold

“This is OCR’s first HIPAA action against a state agency and we expect organizations to comply with their obligations under these rules regardless of whether they are private or public entities.” Bottom line for all organizations of all sizes: It is wise to learn from the pain of others...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Two Northeast States Updated Breach Notification Statutes

June 27, 2012 Added by:David Navetta

Much time and ink has been spent on the steady stream of data security and breach-related bills that spring up in Congress like mushrooms after a rain. But recently Vermont and Connecticut updated their existing breach notification statutes, highlighting the need to monitor state legislatures...

Comments  (0)

296634767383f056e82787fcb3b94864

Breach Alert: Putin Makes Drone Development a National Priority

June 19, 2012 Added by:Jeffrey Carr

Russia plans to spend US$13B on UAS development over the next eight years. Part of that technology development strategy is almost certainly going to be acquiring intellectual property on related technology from foreign firms. Two good examples of companies at risk are Boeing and General Atomics...

Comments  (0)

11146d62a6c31fb9fac8ac8ac991e08d

We Don’t Need Cyber-Vigilante Justice

June 15, 2012 Added by:Andy Willingham

You see what made me so mad? It wasn’t the release of the PII of all those innocent people, it was their reason for doing it. They reported a web site vulnerability and it wasn’t fixed, so they decided to post PII of thousands of people on the internet. Who put them in the role of deciding who wins and who loses?

Comments  (2)

Page « < 10 - 11 - 12 - 13 - 14 > »