Blog Posts Tagged with "breaches"
March 20, 2012 Added by:Marjorie Morgan
Webinar participants will hear from industry experts who will highlight strategies for health care organizations and findings from the recently released report, The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security...
March 18, 2012 Added by:Pascal Longpre
IOCs can also be easily circumvented by the attackers by using dormant backdoors created by different actors and using completely different techniques. Creating a simple backdoor that spawns a reverse shell to the attacker’s system requires limited skills, time and money...
March 12, 2012 Added by:Alexander Rothacker
The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...
March 08, 2012 Added by:PCI Guru
The lawsuit points out a disconcerting issue with a cardholder data breach: Any incident investigation initiated by the card brands under the PCI standards is going to focus on PCI compliance and not on whether or not the breach actually occurred...
March 08, 2012 Added by:Brent Huston
Hacktivism is an extended threat for infosec. You can be targeted for your partnerships, role in a supply chain, to steal CPU cycles/storage from your systems, or because you have a common vulnerability. There are a myriad of reasons from the criminal to the abstract...
March 07, 2012 Added by:Marjorie Morgan
The ISA and ANSI released a new report titled The Financial Impact of Breached Protected Health Information which explores the reputational, financial, legal, operational, and clinical repercussions of a protected health information breach on an organization...
March 06, 2012 Added by:Headlines
Just hours after key members of the Anonymous movement were arrested by law enforcement, the remaining minions have begun retaliatory hits against outspoken critics of the rogue hacktivist collective. The main website for security provider Panda Security was hacked and defaced...
March 05, 2012 Added by:Pierluigi Paganini
The internal investigation at NASA also revealed that almost none of the agency's portable devices are encrypted, and that at least one of the stolen laptops contained algorithms to command and control systems for the International Space Station...
March 05, 2012 Added by:Darryl MacLeod
If you’re IT professional, and not necessarily one with a security focus, attending a conference like this would be well worth it. The threats discussed are very real and active. They will never go away, but that doesn’t mean the white hats should start waving white flags...
February 27, 2012 Added by:David Navetta
While customers may enjoy some short term cost-benefits by going into the Cloud, they may be retaining more risk then they want - especially where Cloud providers refuse to accept that risk contractually). Cyber insurance may be a solution to help solve the problem...
February 23, 2012 Added by:Fergal Glynn
EU Data Protection Authorities will apply these rules even if this information is processed outside of Europe, it’s not clear today whether these new rules will have an impact on the existing Safe Harbor regulations – something to watch out for in the consultation period...
February 22, 2012 Added by:Headlines
“The threat landscape continued to evolve in 2011, and we saw a significant shift in motivation for cyber attacks. Increasingly, we’ve seen that no organization, platform or device is immune to the increasingly sophisticated and targeted threats..."
February 16, 2012 Added by:Neira Jones
SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...
February 15, 2012 Added by:Jack Daniel
What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve know about for years? If you are ignoring all of the well-known risks, it is a waste of time...
February 15, 2012 Added by:Robert Siciliano
Massachusetts has one of the most stringent data protection laws on the books. Companies are now reporting when even a single individual’s information has been compromised. Despite strict security requirements, companies are continually being hacked in record numbers....
February 15, 2012 Added by:Richard Stiennon
Every organization has a choice: become a victim of cyber attack and pay the cost of recovery then rely on quick reactions to changes in the threat space to survive the next attack, or predict the escalation in attacks and invest early in the defenses required...
Target Data Breach: Millions of In-Store Cre... Helen Baker on 12-19-2013
Eroding the Skills That Drive IT... Westley McDuffie on 12-17-2013
Are Security Professionals Exiting the Enter... Westley McDuffie on 12-17-2013