Vulns & Alerts
July 28, 2011 Added by:Headlines
"We live in a data-driven society and access to sensitive or proprietary data continues to bleed past organizational walls, making it a challenge for IT security teams to protect corporate data. Organizations must be able to proactively identify and mitigate security threats in real time..."
July 22, 2011 Added by:Headlines
''Stealing is stealing whether you use a computer command or a crowbar, and whether you take documents, data or dollars. It is equally harmful to the victim whether you sell what you have stolen or give it away," said U.S. Attorney Carmen Ortiz...
July 21, 2011 Added by:Mike Meikle
Systems and software are designed by humans and there will be flaws that can be exploited. Plus, social engineering will always provide a path to compromising the most secure systems due to the fallibility of the human element. Legislation will not address these factors...
July 14, 2011 Added by:Kelly Colgan
The news is bad: Your company suffered a data breach. Don’t make it worse by sending out a confusing, overly technical or outright alarming letter to your customers. The goal is to inform, educate and reassure your customers, not bore or scare them...
July 12, 2011 Added by:Headlines
"Booz Allen Hamilton has confirmed today that the posting of certain data files on the Internet yesterday was the result of an illegal attack. We are conducting a full review of the nature and extent of the attack..."
July 11, 2011 Added by:Brian McGinley
Data breaches are an everyday occurrence affecting millions of Americans each year. Just ask crafters who shop at Michael’s Stores, Sony PlayStation Network gamers, and investors at Morgan Stanley. They’re all vulnerable to identity theft because their information (PII) was exposed...
July 09, 2011 Added by:Danny Lieberman
PCI DSS 2.0 does not require outbound, real time or any other kind of data loss monitoring. The phrases “real time” and “data loss” don’t appear in the standard. In an informal conversation with a PCI DSS official in the region, he confessed to not even being familiar with DLP...
July 08, 2011 Added by:Headlines
A new ad-hoc group of hacktivists calling itself "Connexion Hack Team" has published a list of email addresses associated with the US government including account information from the military, the Department of Homeland Security, the National Security Agency, and several state agencies...
July 07, 2011 Added by:Kelly Colgan
A day doesn’t go by when we read news of a data breach at a major company, healthcare facility or financial institution. Epsilon, Sony and now Morgan Stanley, are a good examples. What do you do when a data breach notification letter lands in your mailbox? The short answer: Don’t panic...
July 06, 2011 Added by:Robert Siciliano
There are now multiple breach lists, and not all define a data breach the same way. According to the Identity Theft Resource Center, there were at least 662 data breaches in 2010, which exposed more than 16 million records. Nearly two-thirds of breaches exposed Social Security numbers...
July 06, 2011 Added by:Headlines
"The sensitive information on the password-protected CD-ROMs included names, addresses, Social Security numbers, Morgan Stanley Smith Barney account numbers and income earned on tax exempt bonds or funds you hold or held in 2010..."
July 01, 2011 Added by:Rafal Los
Put yourself in the shoes of a few of the major organizations that have had high-profile data breaches due to compromised applications or web sites lately... the more they struggle and fight, the worse things appear to get. Why is this? Remember that there are no castle walls...
June 27, 2011 Added by:Headlines
Officials from the banking giant now assert that $2.7 million was stolen from about 3,400 accounts in the May attack. Citigroup immediately reported the security incident to law enforcement and regulatory authorities, but waited about three weeks before notifying affected customers...
June 20, 2011 Added by:Headlines
In an odd turn of events, the most likely suspect in the attack against Sega, the hacker collective LulzSec, apparently was not involved in this latest event and has offered to help Sega track down the culprits...
June 16, 2011 Added by:Headlines
"The customers' account information (name, account number and contact information, including email address) was viewed. However, data that is critical to commit fraud was not compromised: the customers' social security number, date of birth, card expiration date and card security code..."
June 13, 2011 Added by:Luis Corrons
Even though there are no details on the attack, speculation started talking about a "foreign country" being behind the attack, many fingers pointing at China (as usual) and talking about cyberwarfare. But it also makes sense that this is not a targeted attack...
How Businesses Can Reduce Wearables Security... manthan rathod on 04-09-2015
Lessons From Hillary Clinton's Email Securit... manthan rathod on 04-09-2015
New Facebook Worm Variant Leverages Multiple... manthan rathod on 04-09-2015