Blog Posts Tagged with "Data Leakage"
Six Must-Do Items to Protect Patient Privacy
October 03, 2012 Added by:Danny Lieberman
In order to prevent breaches of patient privacy, we first need to establish baseline business requirements for the organization. There are 6 business requirements for preventing patient privacy breaches, these are “must items” for any healthcare business unit manager...
Comments (0)
Friends and Family Breach Patient Privacy, Not Estonian Hackers
September 17, 2012 Added by:Danny Lieberman
Humans being are naturally curious, sometimes vindictive and always worried when it comes to the health condition of friends and family. Being human, they will bend rules to get information and in the course of bending rules, breach patient privacy...
Comments (0)
ICS-CERT: SpecView Directory Traversal Vulnerability
August 08, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of a directory traversal vulnerability with proof-of-concept (PoC) exploit code affecting SpecView when a specially crafted request is passed to the web server running on Port 80\TCP. Successful exploitation could result in data leakage...
Comments (0)
ICS-CERT: WellinTech KingView and KingHistorian Vulnerabilities
July 09, 2012 Added by:Infosec Island Admin
Researchers have identified multiple vulnerabilities in WellinTech’s KingView and a single vulnerability in WellinTech’s KingHistorian application which are exploitable remotely and could lead to arbitrary code execution, information disclosure, and denial of service...
Comments (0)
Despite Breach Trends - Website Vulnerabilities Decrease
July 02, 2012 Added by:Headlines
"Despite the plethora of recent breach headlines, websites could in fact be getting... less vulnerable... The time for using 'No one would want to attack us' as a security strategy is clearly over, if it was ever true to begin with. Any company doing business online has something worth hacking into..."
Comments (1)
ICS-CERT: WAGO I/O 750 Multiple Vulnerabilities
June 21, 2012 Added by:Infosec Island Admin
The reported vulnerabilities from DSecRG have been coordinated with WAGO. WAGO has determined that the vulnerabilities can be mitigated by adjusting system configurations of services not in use. WAGO has released a customer cybersecurity notification on best security practices its products...
Comments (0)
Best Practices to Prevent Document Leaks
February 16, 2012 Added by:Peter Weger
Unfortunate consequences occur when companies lose control over confidential assets and experience intentional or unintentional disclosure of the information. In some cases, even the possibility of information leakage can damage reputations and stock prices...
Comments (0)
Why Data Leaks
February 13, 2012 Added by:Danny Lieberman
The main reason is people. People handle electronic data and make mistakes or do not follow policies. People are increasing conscious that information has value – all information has some value to someone and that someone may be willing to pay...
Comments (0)
ICS-CERT: Invensys Wonderware HMI XSS Vulnerabilities
February 09, 2012 Added by:Headlines
Researchers Billy Rios and Terry McCorkle have identified cross-site scripting (XSS) and write access violation vulnerabilities in the Invensys Wonderware HMI reports product that could result in data leakage, denial of service, or remote code execution...
Comments (0)
Legal Implications of Social Networking Part 3: Data Security
January 31, 2012 Added by:David Navetta
Technology exists for monitoring and tracking of social media usage by employees. Ultimately however, like social media itself, it comes down to people - risk can only be addressed appropriately if the individuals using social media are equipped to identify and mitigate against it...
Comments (0)
ICS-CERT: MICROSYS spol. s r.o. PROMOTIC Vulnerabilities
January 26, 2012 Added by:Headlines
The MICROSYS spol. s r.o. PROMOTIC vulnerabilities include directory traversal, ActiveX heap overflow, and ActiveX stack overflow vulnerabilities. Public exploits are known to target these vulnerabilities which may result in denial of service or data leakage...
Comments (0)
Mobile Application Security: New Platforms, Old Mistakes
January 24, 2012 Added by:Fergal Glynn
While Android may be a new platform, some of the security issues we found are reminiscent of old mistakes we have seen developers make. One example of this was the practice of hard-coding cryptographic keys directly into the application...
Comments (0)
HTC Android Devices are Leaking Sensitive User Data
October 03, 2011 Added by:Headlines
"The only reason the data is leaking left and right is because HTC set their snooping environment up this way. It's like leaving your keys under the mat and expecting nobody who finds them to unlock the door..."
Comments (0)
The Real Consequences of an Anonymous Data Leak
August 17, 2011 Added by:Rafal Los
I know many of my colleagues in infosec sympathize with the Anonymous cause, because it's not too difficult to do so. While I won't comment on how I feel about that - I can tell you I absolutely do not condone the reckless actions and short-sighted activity that leads to more harm than good...
Comments (2)
Three Things About Consumer Cloud Technology
July 07, 2011 Added by:Brent Huston
Organizations need data-centric controls that allow for flexibility in usage and protection. Your IT architectures and controls need to allow for those changes or face increasing levels of danger and obsolesce. You can not stop consumer cloud services from leaking into your enterprise...
Comments (0)
The PrimorisEra Affair: Social Networking and SECOPS
April 29, 2011 Added by:Scot Terban
Never mind if you work in a job that requires security, everyone should be cognizant when they are online talking to someone that they do not know in real life. From the common data thief to the corporate spy, we all may have data that someone wants and is willing to lie to get it...
Comments (0)
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers