Vulns & Alerts

E376ca757c1ebdfbca96615bf71247bb

Chisco: Welcome To The Hunan Network?

April 23, 2010 Added by:shawn merdinger

On NPR's 'Fresh Air' this week, Richard Clarke made some great points, in particular with the logic bomb scenarios of sneaking in code and untrustworthy hardware. While this is old news, it's still a very real threat -- recall that Chisco devices were discovered on US government networks and disclosed back in 2008.

Comments  (0)

6d117b57d55f63febe392e40a478011f

An Interview with U.N. Cybersecurity Expert Raoul Chiesa

April 15, 2010 Added by:Anthony M. Freed

I recently had the pleasure of talking with Raoul Chiesa, OPST, OPSA, and ISECOM Trainer, about international perspectives on cybersecurity issues. Mr. Chiesa is a Senior Advisor on Strategic Alliances & Cybercrime Issues at the Global Crimes Unit for the United Nations Interregional Crime & Justice Research Institute, a Member of the Permanent Stakeholders Group at the European Network &a...

Comments  (0)

49afa3a1bba5280af6c4bf2fb5ea7669

FaaS: Fraud as a Service

April 14, 2010 Added by:Mike Meikle

In working with various clients on the topic of security, a common theme has emerged. Management and employees still labor under the perception that fraud is still the purview of unorganized individuals with an axe to grind against a specific company. 

Comments  (0)

72cc4c5e6cbde70aa374bf94076ad722

A perspective on the theft of confidential documents by former employee at Ford.

April 09, 2010 Added by:Peter Abatan

When I read that a former Ford product engineer had stolen over 4000 confidential documents containing trade secrets from his former employer, I began to wonder how many companies out there are as vulnerable to the same degree as Ford. Fortunately for Ford this employee got caught, but it remains unknown how many employees have successfully got away without Ford’s knowledge?

Comments  (6)

37d5f81e2277051bc17116221040d51c

Be careful Your PC Isn’t Held for Ransom

April 06, 2010 Added by:Robert Siciliano

Computerworld reported that a hacker threatened to expose health data and demanded $10 million from a government agency. The alleged ransom note posted on the Virginia DHP Prescription Monitoring Program site claimed that the hacker had backed up and encrypted more than 8 million patient records and 35 million prescriptions and then deleted the original data. “Unfortunately for Virginia, the...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Is That Portable Device a Data Hazard?

April 06, 2010 Added by:Robert Siciliano

According to a survey  of London and New York City taxi companies last year revealed that more than 12,500 devices, such as laptops, iPods and memory sticks, are forgotten in taxis every six months. Portable devices that may have troves of sensitive data.

Comments  (1)

65be44ae7088566069cc3bef454174a7

Inside the Perplexities of Enterprise Privacy Policies

April 01, 2010 Added by:Rebecca Herold

An important consideration with information security incidents is identifying if personally identifiable information (PII) is involved. If it is, then the privacy breach response teamneeds to be put into action to determine whether or not an actual privacy breach occurred.

Comments  (0)

Ba5964a1284ac16d4277991e7225699c

Sometimes, some stuff should just stay private...

April 01, 2010 Added by:Jason Remillard

As reported in the past few days, a site selling  Durex condoms have had a small 'exposure' problem.  As reported, the site had been suffering (time length unknown) from several basic security exposures, including even allowing orders to be viewed online, without a login - simply by changing the order number!

Comments  (0)

F338ee966b0240a58cc1dbf24855dd26

Cyber Crime & Terrorism Take a Dangerous Turn

March 24, 2010 Added by:Jenni Hesterman

Most would agree that globalization, fed by technological advances in the information system and telecommunications realms, has overwhelmingly been a "good thing". Our world is connected like never before, and those formerly isolated are now part of the landscape, able to access critical medical information, tap educational resources and answer almost any question in two clicks.

Comments  (4)


From the Web

Even Einstein Can’t Track Google’s “Script Kiddie” Hackers

March 09, 2010 from: AEON Security Blog

News surrounding the attacks at Google and other companies are a dime a dozen and, while we have not seen any evidence publicly disclosed, we too can speculate along with everyone else. My first thoughts surrounding the news of the attack led me to believe that the compromise may have been an inside job.

Comments  (4)

E4b33dbe234685965beb3e9f2a0ad456

Google, Adobe, and Big Oil Attack Commonalities

March 07, 2010 Added by:Ted LeRoy

The work of protecting information is becoming more difficult with time.  The recently discovered attacks on Google, Adobe, Marathon Oil, ExxonMobil, and ConocoPhillips illustrate an alarming trend.  The attacks even gave rise to a new attack model, the Advanced Persistent Threat (APT).

Comments  (0)

B59a51a3c0bf9c5228fde841714f523a

How Twitter spam steals from Google, Yahoo!

March 06, 2010 Added by:Chester Wisniewski

Scammers have been devising ways to ride on someone else's coattails since the dawn of time. With every new technology they find another way to make money from nothing. Today I am going to highlight a method that involves Twitter, Yahoo!, and Google AdSense.

Comments  (0)


From the Web

Welcome Infosec Island Network readers

February 28, 2010 from: Office of Inadequate Security

Over the weekend, I added 19 financial, 21 business, 4 healthcare, 1 government and 1 not-for-profit breaches thanks to the Maryland Attorney General’s Office updating their web site. You may also be interested in reading how much manpower was involved in trying to identify whose data and what kinds of data were in the audio and video files on the 57 stolen BlueCross BlueShield hard drives.&...

Comments  (1)


From the Web

19 more financial sector breaches from 2009

February 27, 2010 from: Office of Inadequate Security

Maryland has updated its web site to provide breach notifications that it has received since its last update.  The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010

Comments  (0)


From the Web

21 more business sector breaches from 2009

February 27, 2010 from: Office of Inadequate Security

Maryland has updated its web site to provide breach notifications that it has received since its last update.  The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010

Comments  (0)


From the Web

A rise in cyber attacks by one third saw 100 per cent of enterprises experience cyber losses in 2009

February 25, 2010 from: Saumil's Infosec Blog

According to Symantec's 2010 State of Enterprise Security study, 75 per cent of enterprises experienced cyber attacks in the last 12 months and 36 per cent rated the attacks somewhat/highly effective. Also, there was a 29 per cent rise in reported attacks in the last 12 months.

Comments  (0)

Page « < 18 - 19 - 20 - 21 - 22 > »