Breaches


Fifteen Unsafe Security Practices that Lead to Data Breaches

March 21, 2012 Added by: Kelly Colgan

Database security is an essential element of overall security maturity at enterprise level. Underestimating its value and not dedicating sufficient attention to developing a comprehensive data security plan can, in many instances, lead to data compromise...


Millions of US Government Email Addresses for Sale

March 19, 2012 Added by: Pierluigi Paganini

An underground black market is offering 2,462,935 U.S. government email addresses and another 2,178,000 U.S. military email addresses for sale. The risks are really serious, as this information could be used by hostile governments in cyber attacks and cyber espionage activities...


It’s Back: March Madness Higher Education Data Breach Brackets

March 12, 2012 Added by: Alexander Rothacker

The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...


PCI: When a Breach is Not a Breach

March 08, 2012 Added by: PCI Guru

The lawsuit points out a disconcerting issue with a cardholder data breach: Any incident investigation initiated by the card brands under the PCI standards is going to focus on PCI compliance and not on whether or not the breach actually occurred...


The Changing World of Information Security Compromises

March 08, 2012 Added by: Brent Huston

Hacktivism is an extended threat for infosec. You can be targeted for your partnerships, role in a supply chain, to steal CPU cycles/storage from your systems, or because you have a common vulnerability. There are a myriad of reasons from the criminal to the abstract...


The Financial Impact of Breached Protected Health Information

March 07, 2012 Added by: Marjorie Morgan

The ISA and ANSI released a new report titled The Financial Impact of Breached Protected Health Information which explores the reputational, financial, legal, operational, and clinical repercussions of a protected health information breach on an organization...


Panda Security Suffers the Wrath of AntiSec

March 07, 2012 Added by: Kevin McAleavey

The defacement also shows tremendous amounts of sensitive corporate information including internal accounts, passwords, server and cloud configurations, access information to the antivirus lab's Teamviewer as well as alternate means of accessing their internals via "logmein"...


Compliance in the Digital Era: Watch Out for the Third Party

February 24, 2012 Added by: Neira Jones

It is crucial that businesses understand which controls are needed to maintain the security of their information assets and it is therefore crucial that suppliers are assessed against the business regulatory and compliance framework...


Lessons from the Nortel Networks Breach

February 16, 2012 Added by: Suzanne Widup

Much is being published about how inappropriate the response to the Nortel incident was, but it demonstrates an important point for companies - how do you know when you’ve done enough? How do you tell when an incident is over, and you should go back to business as usual?


The Truth Behind Data Breaches

February 16, 2012 Added by: Neira Jones

SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...


One in Three Massachusetts Residents’ Records Breached

February 15, 2012 Added by: Robert Siciliano

Massachusetts has one of the most stringent data protection laws on the books. Companies are now reporting when even a single individual’s information has been compromised. Despite strict security requirements, companies are continually being hacked in record numbers...


Your Name and SSN - All a Thief Needs for Tax Fraud

February 14, 2012 Added by: Kelly Colgan

The IRS has seen a significant increase in the number of fraud cases involving identity theft, according to Steven Miller, IRS deputy commissioner for services and enforcement. Addresses don’t mean anything. All a thief needs is your name and Social Security number...


KPN Hack: Why was Customer Notification Delayed?

February 13, 2012 Added by: Pierluigi Paganini

The login credentials were stored in plain text in the repository that had been exposed, and that is absurd. This is a failure of the basic security procedures that should be recognized internationally, and is an offense for which there should be heavy penalties...


Hacker Boasts of Intel Corporation Network Breach

February 13, 2012 Added by: Headlines

A hacker who goes by the handles "WeedGrower" and "X-pOSed" claims to have breached tech giant Intel and to have gained access to an Intel.com subscriber database that contains sensitive information including passwords, social security and credit card numbers...


Did the 2006 Symantec Breach Expose RSA's SecurID?

February 10, 2012 Added by: Kevin McAleavey

The Symantec leak could pose a risk to RSA's SecurID. Examination of the source code for PCAnywhere turned up something disturbing - numerous header files and several libraries belonging to RSA, and SecurID code is part of the exposed PCAnywhere product source code...


Incident Response: Have You Got a Plan?

February 06, 2012 Added by: Neira Jones

We should always aim to reduce the frequency of security incidents by effectively securing networks, systems, and applications and having the appropriate policies and processes in place, and the NIST report helps in providing guidelines on responding to incidents effectively...
