Latest Posts

Physician Learns A Hard PHI Lesson

April 20, 2011 Added by: Rebecca Herold

What is important to point out about this case is that the doctor described the patient’s injuries in such a way that an unauthorized third party would be able to identify the person described, even though the doctor did not include any of the 18 specifically-named PHI items...

Top Five Mobile Operating System Options

April 20, 2011 Added by: Robert Siciliano

Five major players have floated to the top, dominating a major chunk of the mobile operating systems market. It used to be that people chose their phone only by their carrier and what brands they offered. Today many choose their phone based on the manufacturer and its operating system...

Learning USB Lessons the Hard Way

April 20, 2011 Added by: Brent Huston

Our inspection revealed a job in the scheduler set to kick off on Saturdays at 5am and launch this particular malware component which appeared to be designed to grab the cookies from the browser and some credentials from the system and users then throw them out to the host in China...

Whistleblower Costs CVS $17.5 Million... OK, Then What?

April 20, 2011 Added by: Katie Weaver-Johnson

The federal government is paying whistleblowers, and now that we also have Wikileaks and other public web sites to report to, organizations need to make sure they have more holistic and comprehensive platforms for employees to report suspicious incidents internally...

State Police Search Mobile Phones During Traffic Stops

April 20, 2011 Added by: Headlines

Complete extraction of existing, hidden, and deleted data, including call history, text messages, contacts, images, and allows visualization of existing and deleted locations on Google Earth. Location information from GPS devices and image geotags can be mapped on Google Maps...

Fifteen Top Paying IT Certifications

April 19, 2011 Added by: Global Knowledge

When most individuals hear the word "Certification", dollar signs immediately begin dancing in their heads. While some certifications do command a higher salary, this is not true for all. Time to look at some of the more popular certifications - and their associated pay...

European Cybercrime 10 Years On - Why It’s Not Working

April 19, 2011 Added by: Jared Carstensen

The recent economic growth in Europe (bank bailouts aside), upgrades to infrastructure, communications, and internet speeds, coupled with the reduced costs of equipment required for cyber criminals to operate, has greatly assisted cyber criminals and cartels in their mission...

Data Breach Overload is Killing SSA

April 19, 2011 Added by: Rafal Los

Money and technology alone won't bring us secure software or applications. Many times the idea of spending a large chunk of money on tools alone sounds appealing because someone selling you something says that you should - but I'd like to urge caution...

Epsilon Breach Will Impact Consumers for Years

April 19, 2011 Added by: Robert Siciliano

Consumers are receiving messages from trusted companies such as 1-800-Flowers, Chase, Hilton and others, letting them know that their e-mail addresses have been exposed. This provides a perfect opportunity for cybercriminals who may try to take advantage of the breach...

Cyber Attack Hits Oak Ridge National Laboratory

April 19, 2011 Added by: Headlines

"Certainly what we’ve seen is very consistent with the RSA attack. Whoever is doing this attempts to get a foothold in the network system, works patiently and relatively quietly to try to expand that and is looking for specific types of information..."

Web Application Security: Minimizing the Risk of Attacks

April 19, 2011 Added by: Sasha Nunke

Vulnerabilities in web applications are now the largest source of enterprise security attacks. Web application vulnerabilities accounted for over 55% of all vulnerabilities disclosed in 2010, according to an IBM X-Force study. That may be the tip of the iceberg...

Rogue Admins Allow Games on Company Servers

April 19, 2011 Added by: Bill Gerneglia

A sizable number of comments took the line that playing games on corporate systems was either beneficial to the company or caused no significant harm. One agreed with an IT professional quoted in the story, who said that gaming helps IT employees “stay sharp”...

The Art of Cyber Warfare: Counterattack Fail

April 18, 2011 Added by: J. Oquendo

The sole purpose of Ensatus is deception and it drives the point of "fail" when it comes to counterattacking. If I were performing a sanctioned penetration test, I would be using decoys. In the event counterattacking were legal, you would be counterattacking an innocent victim...

Information Security Risk Management Programs Part Two

April 18, 2011 Added by: kapil assudani

In many companies, the culture is to embrace security only where it is absolutely necessary, and this usually comes through corporate security policies and industry regulations. Beyond these, security groups hardly have any teeth - unless it's a critical security issue...

Detailed FISMA Logging Guidance Continued

April 18, 2011 Added by: Anton Chuvakin

Configuring tools needs to happen after the policy is created. Goals first, infrastructure choices second. In case of privacy and other regulations on top of FISMA, the legal department should also have their say, however unpalatable it may be to the security team...

Senators Introduce Cyber Security Public Awareness Act

April 18, 2011 Added by: Headlines

“The government keeps the damage we are sustaining from cyber attacks secret because it is classified. The private sector keeps the damage they are sustaining from cyber attacks secret so as not to look bad... The net result of that is that the American public gets left in the dark...”

The Rise of Smartphones and Related Security Issues

April 18, 2011 Added by: Robert Siciliano

As more and higher speed networks are built, more consumers will gravitate toward the mobile web. Smartphone users are downloading billions of apps and spending millions via mobile payments. For the younger generation, smartphones are used for a majority of ecommerce transactions...

Epsilon: Be Wary of Phishing Attempts

April 18, 2011 Added by: Rod MacPherson

Another scam that they are running is a fake Epsilon breach news update site (copied from the actual press release site) that offers up a downloadable tool that they tell you to run to see if the hackers have your e-mail address. That tool is a Trojan...

Defining the Insider Threat

April 17, 2011 Added by: Danny Lieberman

Mitigating the insider threat requires defining whether or not there IS a threat, and if so, finding the right security countermeasures to mitigate the risk. One wonders whether or not RSA eats their own dog food, and had deployed a data loss prevention system. Apparently not...

Mobile Devices Continue to Attract Cyber-Scamsters

April 17, 2011 Added by: Rahul Neel Mani

While it’s only beginning to percolate, a trend is clearly emerging—cyber criminals are looking for new opportunities outside of the PC environment. They are investing more resources toward developing exploits that specifically target users of mobile devices...
