Blog Posts Tagged with "breaches"
March 20, 2012 Added by:Neira Jones
Assuming we have managed to address the infosec gap, we’re left with ensuring the security of information assets and services. Because we are all governed by material pressures, it would be unrealistic that we should embark on all encompassing programs to secure all assets..
March 20, 2012 Added by:Marjorie Morgan
Webinar participants will hear from industry experts who will highlight strategies for health care organizations and findings from the recently released report, The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security...
March 18, 2012 Added by:Pascal Longpre
IOCs can also be easily circumvented by the attackers by using dormant backdoors created by different actors and using completely different techniques. Creating a simple backdoor that spawns a reverse shell to the attacker’s system requires limited skills, time and money...
March 12, 2012 Added by:Alexander Rothacker
The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...
March 08, 2012 Added by:PCI Guru
The lawsuit points out a disconcerting issue with a cardholder data breach: Any incident investigation initiated by the card brands under the PCI standards is going to focus on PCI compliance and not on whether or not the breach actually occurred...
March 08, 2012 Added by:Brent Huston
Hacktivism is an extended threat for infosec. You can be targeted for your partnerships, role in a supply chain, to steal CPU cycles/storage from your systems, or because you have a common vulnerability. There are a myriad of reasons from the criminal to the abstract...
March 07, 2012 Added by:Marjorie Morgan
The ISA and ANSI released a new report titled The Financial Impact of Breached Protected Health Information which explores the reputational, financial, legal, operational, and clinical repercussions of a protected health information breach on an organization...
March 06, 2012 Added by:Headlines
Just hours after key members of the Anonymous movement were arrested by law enforcement, the remaining minions have begun retaliatory hits against outspoken critics of the rogue hacktivist collective. The main website for security provider Panda Security was hacked and defaced...
March 05, 2012 Added by:Pierluigi Paganini
The internal investigation at NASA also revealed that almost none of the agency's portable devices are encrypted, and that at least one of the stolen laptops contained algorithms to command and control systems for the International Space Station...
March 05, 2012 Added by:Darryl MacLeod
If you’re IT professional, and not necessarily one with a security focus, attending a conference like this would be well worth it. The threats discussed are very real and active. They will never go away, but that doesn’t mean the white hats should start waving white flags...
February 27, 2012 Added by:David Navetta
While customers may enjoy some short term cost-benefits by going into the Cloud, they may be retaining more risk then they want - especially where Cloud providers refuse to accept that risk contractually). Cyber insurance may be a solution to help solve the problem...
February 23, 2012 Added by:Fergal Glynn
EU Data Protection Authorities will apply these rules even if this information is processed outside of Europe, it’s not clear today whether these new rules will have an impact on the existing Safe Harbor regulations – something to watch out for in the consultation period...
February 22, 2012 Added by:Headlines
“The threat landscape continued to evolve in 2011, and we saw a significant shift in motivation for cyber attacks. Increasingly, we’ve seen that no organization, platform or device is immune to the increasingly sophisticated and targeted threats..."
February 16, 2012 Added by:Neira Jones
SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...
February 15, 2012 Added by:Jack Daniel
What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve know about for years? If you are ignoring all of the well-known risks, it is a waste of time...
February 15, 2012 Added by:Robert Siciliano
Massachusetts has one of the most stringent data protection laws on the books. Companies are now reporting when even a single individual’s information has been compromised. Despite strict security requirements, companies are continually being hacked in record numbers....
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015