Vulns & Alerts
September 07, 2011 Added by:David Navetta
SB 24 requires the inclusion of certain content in data breach notifications, including a description of the incident, the type of information breached, the time of the breach, and toll-free telephone numbers and addresses of the major credit reporting agencies in California...
September 03, 2011 Added by:Robert Siciliano
The computer or other device the scammer used to access Comerica’s website could surely have been traced overseas and flagged for: hiding behind a proxy, device anomalies such as a time zone and browser language mismatch, past history of online scams and identity theft, and the list goes on...
August 29, 2011 Added by:Kurt Aubuchon
Hospitals are 48 times more likely to show up as breach victims than would be predicted if breaches were distributed evenly among all US firms. Colleges and universities turn up in breach reports about 357 times more often than if distributed evenly. That is a staggering number....
August 19, 2011 Added by:Headlines
AntiSec hackers have made good on their threat to release sensitive emails and documents stolen in an operation against defense contractor VDI, revealing evidence that financial giant Merrill Lynch may have tipped off VDI about S&P plans to downgrade the U.S. government's credit rating...
August 18, 2011 Added by:Headlines
Quantifying the cost of a cyber attack is admittedly subjective on some levels given that the scope of the impact may not be readily reportable and collateral damage is difficult to pinpoint, but the author does manage to assemble a viable list of the most devastating network attacks...
August 16, 2011 Added by:Headlines
The AntiSec hacker collective has breached the email accounts of defense contractor Vanguard Defense Industries. The firm was targeted due to their relationships with law enforcement agencies, and the attackers plan to release several thousand emails and documents that were stolen in the operation...
August 11, 2011 Added by:Headlines
"If these intrusions can be classified as more 'unsophisticated' and 'opportunistic,' what is the threat of the more 'insidious' intrusions on which McAfee has focused in recent years? How can we effectively prevent or mitigate these more insidious intrusions?"
August 11, 2011 Added by:Headlines
The results of a live poll conducted at its annual North American Insights client conference show fraud and cyber crime continue to be among the most daunting issues that banks are facing today. Bankers believe it is a challenge that they will never be able to get under control...
July 28, 2011 Added by:Javvad Malik
Your competitors are taking advantage of your weakened state and swooping in on your customers, wooing them with offers too good to resist and promising them a life of security they deserve which you could never provide. Is there anything you can do to stem your losses?
July 28, 2011 Added by:Headlines
"We live in a data-driven society and access to sensitive or proprietary data continues to bleed past organizational walls, making it a challenge for IT security teams to protect corporate data. Organizations must be able to proactively identify and mitigate security threats in real time..."
July 22, 2011 Added by:Headlines
''Stealing is stealing whether you use a computer command or a crowbar, and whether you take documents, data or dollars. It is equally harmful to the victim whether you sell what you have stolen or give it away," said U.S. Attorney Carmen Ortiz...
July 21, 2011 Added by:Mike Meikle
Systems and software are designed by humans and there will be flaws that can be exploited. Plus, social engineering will always provide a path to compromising the most secure systems due to the fallibility of the human element. Legislation will not address these factors...
July 14, 2011 Added by:Kelly Colgan
The news is bad: Your company suffered a data breach. Don’t make it worse by sending out a confusing, overly technical or outright alarming letter to your customers. The goal is to inform, educate and reassure your customers, not bore or scare them...
July 12, 2011 Added by:Headlines
"Booz Allen Hamilton has confirmed today that the posting of certain data files on the Internet yesterday was the result of an illegal attack. We are conducting a full review of the nature and extent of the attack..."
July 11, 2011 Added by:Brian McGinley
Data breaches are an everyday occurrence affecting millions of Americans each year. Just ask crafters who shop at Michael’s Stores, Sony PlayStation Network gamers, and investors at Morgan Stanley. They’re all vulnerable to identity theft because their information (PII) was exposed...
July 09, 2011 Added by:Danny Lieberman
PCI DSS 2.0 does not require outbound, real time or any other kind of data loss monitoring. The phrases “real time” and “data loss” don’t appear in the standard. In an informal conversation with a PCI DSS official in the region, he confessed to not even being familiar with DLP...
Hacker to Release Symantec's PCAnywhere Sour... Kajal Singh on 04-21-2015
Financial Malware Fell in 2014 As Takedown O... Kajal Singh on 04-21-2015
Weaknesses in Air Traffic Control Systems ar... Kajal Singh on 04-21-2015