Blog Posts Tagged with "breaches"
ISA / ANSI: Financial Impact of Breached Health Information
March 20, 2012 Added by:Marjorie Morgan
Webinar participants will hear from industry experts who will highlight strategies for health care organizations and findings from the recently released report, The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security...
Comments (0)
APT Detection with IOCs: The New Maginot Line
March 18, 2012 Added by:Pascal Longpre
IOCs can also be easily circumvented by the attackers by using dormant backdoors created by different actors and using completely different techniques. Creating a simple backdoor that spawns a reverse shell to the attacker’s system requires limited skills, time and money...
Comments (0)
It’s Back: March Madness Higher Education Data Breach Brackets
March 12, 2012 Added by:Alexander Rothacker
The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...
Comments (0)
PCI: When a Breach is Not a Breach
March 08, 2012 Added by:PCI Guru
The lawsuit points out a disconcerting issue with a cardholder data breach: Any incident investigation initiated by the card brands under the PCI standards is going to focus on PCI compliance and not on whether or not the breach actually occurred...
Comments (0)
The Changing World of Information Security Compromises
March 08, 2012 Added by:Brent Huston
Hacktivism is an extended threat for infosec. You can be targeted for your partnerships, role in a supply chain, to steal CPU cycles/storage from your systems, or because you have a common vulnerability. There are a myriad of reasons from the criminal to the abstract...
Comments (0)
The Financial Impact of Breached Protected Health Information
March 07, 2012 Added by:Marjorie Morgan
The ISA and ANSI released a new report titled The Financial Impact of Breached Protected Health Information which explores the reputational, financial, legal, operational, and clinical repercussions of a protected health information breach on an organization...
Comments (0)
AntiSec Hackers Deface Panda Security's Website
March 06, 2012 Added by:Headlines
Just hours after key members of the Anonymous movement were arrested by law enforcement, the remaining minions have begun retaliatory hits against outspoken critics of the rogue hacktivist collective. The main website for security provider Panda Security was hacked and defaced...
Comments (0)
NASA Unprepared for Cyber Attacks
March 05, 2012 Added by:Pierluigi Paganini
The internal investigation at NASA also revealed that almost none of the agency's portable devices are encrypted, and that at least one of the stolen laptops contained algorithms to command and control systems for the International Space Station...
Comments (0)
Atlantic Security Conference 2012 Wrap Up
March 05, 2012 Added by:Darryl MacLeod
If you’re IT professional, and not necessarily one with a security focus, attending a conference like this would be well worth it. The threats discussed are very real and active. They will never go away, but that doesn’t mean the white hats should start waving white flags...
Comments (0)
Cyber Insurance: Efficient Way to Manage Risk in the Cloud?
February 27, 2012 Added by:David Navetta
While customers may enjoy some short term cost-benefits by going into the Cloud, they may be retaining more risk then they want - especially where Cloud providers refuse to accept that risk contractually). Cyber insurance may be a solution to help solve the problem...
Comments (0)
New EU Data Regulations – What Companies Need to Consider
February 23, 2012 Added by:Fergal Glynn
EU Data Protection Authorities will apply these rules even if this information is processed outside of Europe, it’s not clear today whether these new rules will have an impact on the existing Safe Harbor regulations – something to watch out for in the consultation period...
Comments (0)
McAfee Report: No Immunity from Targeted Attacks
February 22, 2012 Added by:Headlines
“The threat landscape continued to evolve in 2011, and we saw a significant shift in motivation for cyber attacks. Increasingly, we’ve seen that no organization, platform or device is immune to the increasingly sophisticated and targeted threats..."
Comments (0)
The Truth Behind Data Breaches
February 16, 2012 Added by:Neira Jones
SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...
Comments (5)
Disclosures: How Much Sharing is Too Much?
February 15, 2012 Added by:Jack Daniel
What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve know about for years? If you are ignoring all of the well-known risks, it is a waste of time...
Comments (0)
One in Three Massachusetts Residents’ Records Breached
February 15, 2012 Added by:Robert Siciliano
Massachusetts has one of the most stringent data protection laws on the books. Companies are now reporting when even a single individual’s information has been compromised. Despite strict security requirements, companies are continually being hacked in record numbers....
Comments (0)
In Cyber - Losers Ignore, Survivors React, Winners Predict
February 15, 2012 Added by:Richard Stiennon
Every organization has a choice: become a victim of cyber attack and pay the cost of recovery then rely on quick reactions to changes in the threat space to survive the next attack, or predict the escalation in attacks and invest early in the defenses required...
Comments (0)
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers
- NSA Surveillance Is Legal And Not Targeting Average Americans, Says Texas A&M Professor