Vulns & Alerts


WikiLeaks Breach – Trusted Insiders Not Hackers

January 04, 2011 Added by:Danny Lieberman

Of course there is an insider threat and of course it is immune to anti-virus and firewalls and of course the US Federal government is way behind the curve on data security – installing host based security which was state of the art 7 years ago...

Comments  (0)


Honda Motors Company Customer Info Exposed

December 27, 2010 Added by:Rafal Los

The Honda FAQ site tells the users not to worry but does seem to hint subtly that you should change your password if you have a login on one of these sites... oddly even though the original letter the user posted appears to stress that the password was not stolen, only the user ID...

Comments  (0)


Hospital Data Breaches Cost $6 Billion Annually

November 16, 2010 Added by:Bill Gerneglia

The Benchmark Study on Patient Privacy and Data Security also said hospitals place a low priority on protecting patient data, that enormous vulnerabilities exist, and that many breaches go undetected...

Comments  (1)


Live ATM Skimming Video Confiscated

November 09, 2010 Added by:Robert Siciliano

In both cases, the criminals need to obtain the 4-digit cardholder PIN to allow for fraudulent cash withdrawal. The video shows criminals installing a micro camera above an ATM PIN pad and then placing a skimming device over the card reader throat...

Comments  (0)


Data Breaches Continue to Cost Companies Millions

November 06, 2010 Added by:Bill Gerneglia

The reason for the breaches vary; sometimes it's thanks to a hacker, sometimes just human error. Thirty-five percent involved outsourced data provided to third parties, while 36 percent were caused by hackers, according to the survey...

Comments  (0)

Why I think Microsoft’s claims that breaches are down are seriously confounded

October 16, 2010

Ever since yesterday morning when I read that Microsoft reported that breaches involving data loss are down, it’s been a puzzlement because all of the data I’ve seen this year suggest that the number of breach reports are up.  I think I’ve figured out how they came to what I see as an erroneous statement.

Comments  (0)


Coping with the Inevitability of a Data Breach

October 13, 2010 Added by:Robb Reck

While an attacker will eventually figure out a way around your firewall, as soon as they do a good SIEM can alert the NOC and send technicians rushing to respond. In a perfect world, we will keep attackers, both external and internal, from having the opportunity to exploit our systems. But the reality is that breaches do occur...

Comments  (0)

Improper Disposal of Confidential Client Records Earns Lawyer (Only?) a Public Reprimand

October 07, 2010

Here’s a follow-up on a breach involving paper records, but I don’t think I  ever knew of this breach at the time it occurred, although it reminds me of a similar breach where a psychologist’s adult children did something similar. Leigh Jones reports: An Indiana adoption lawyer whose client files were scattered in the wind after his adult childre...

Comments  (0)

From the Web

Super Nuclear Worm Invades Kazakhstan

October 03, 2010 from: AEON Security Blog

When I first heard about Stuxnet, it made me shrug my shoulders just as much as I shrugged when hearing about Aurora – the “(un)Advanced Persistent Threat.” Outside from all the hype, the entire concept of “Stuxnet” being a “highly weaponized targeted” threat is way out of tune with reality. From everything I have read so far, everyone seems to be repeating what everyone else is repe...

Comments  (2)


Maine Supreme Court Ends Hannaford Breach Suit

September 26, 2010 Added by:David Navetta

Regardless of the potential flaws in this decision, this decision adds another significant court to those that fail to recognize damages in a data breach lawsuit. At this point, it is unclear whether the plaintiffs will ever achieve a victory on this issue...

Comments  (0)


Third-Parties and the Protection of Sensitive Information

September 20, 2010 Added by:Katie Weaver-Johnson

Third-parties are increasingly responsible for data breaches. A recent GAO report has revealed that federal agencies utilizing contracted workers are failing to implement contractual assurances with third-parties regarding the protection of sensitive information...

Comments  (3)

From the Web

Odds, Disclosure, Etc…

September 18, 2010 from: Rsnake's blog at

I went to Data Loss DB the other day and I noticed an interesting downward trend over the last two years. It could be due to a lot of things. Maybe people are losing their laptops less or maybe hackers have decided to slow down all that hacking they were doing. No, I suspect it’s because in the dawn of social networking and collective thinking, companies fear disclosure more than ever before.

Comments  (0)


Organized Crime Responsible For Most Breaches

September 17, 2010 Added by:Robert Siciliano

Global web mobs are tearing up corporations’ and financial institutions’ networks. According to a new Verizon report, a staggering 900 million records have been compromised in the past six years. Up to 85 percent of the breaches were blamed on organized criminals...

Comments  (1)


Thirteen Million Records Breached in 2010 - So Far

September 01, 2010 Added by:Robert Siciliano

Even if you are protecting your PC and keeping your critical security patches and antivirus definitions updated, there is always a chance that your bank or credit card company may get hacked. With millions of records being compromised every year, consider your data breached!

Comments  (1)


Veterans Affairs: Implement Data Breach Lessons Learned

August 26, 2010 Added by:Katie Weaver-Johnson

From April through July of 2010, the VA has lost 72 BlackBerrys and 34 laptops. Patient information has been sent to the wrong address or mailed incorrectly 441 times. Almost 10,000 breach incidents in 3 months. What is wrong with this picture?

Comments  (1)


Mandatory Disclosure: A Hazard for Infosec?

July 30, 2010 Added by:Niels Groeneveld

Management teams prefer to reduce risk and cost. The legislation forces companies to disclose breaches, but does not force companies to find them. Given these circumstances, a possible option to reduce risk is to decrease the chance that security breaches will be found...

Comments  (3)

Page « < 18 - 19 - 20 - 21 - 22 > »