Vulns & Alerts
April 29, 2011 Added by: David Navetta
Beyond litigation risk, treating personal information in the same manner as property could significantly impact the current quid pro quo of the Internet and how information is collected, used and transferred. It will be interesting to follow this case through the next round of discovery...
April 28, 2011 Added by: Rafal Los
What are PSN gamers/users more worried about? Are PSN gamers more worried about their hard-earned trophies and status on their favorite games, or the fact that their personal information and maybe even their credit cards were pilfered?
April 27, 2011 Added by: Jared Carstensen
What this means for those affected: Your name, date of birth, address, billing address and contact details are most likely not going to change - so this information could be as valuable in a year or two to these criminals, as it is now - potentially even more valuable...
April 26, 2011 Added by: Alexander Rothacker
Is Oracle misleading its database customers during its quarterly Critical Patch Updates (CPUs)? Unfortunately for its customers, Oracle has figured out a way to downplay the severity of its vulnerabilities and water down the Common Vulnerability Scoring System (CVSS) scoring...
April 25, 2011 Added by: Robert Siciliano
These virtual dollars and virtual goods have real value. Virtual currency includes the points customers receive from retailers, merchants, airlines, hotels, and credit card companies through loyalty programs. These points are the second most traded currency on the planet...
April 25, 2011 Added by: Headlines
The revelations in those documents range from intelligence on the whereabouts of Al Qaeda leaders to the individual stories of often-innocent detainees to the ugly and ineffective improvisations on intelligence gathering within Guantanamo’s operations...
April 22, 2011 Added by: Headlines
The responsibility for protecting personal identifying information is on those who request and store it. All entities that collect personal information need to understand the concept that only they can safeguard our information, and that this safeguarding must be an urgent priority...
April 19, 2011 Added by: Robert Siciliano
Consumers are receiving messages from trusted companies such as 1-800-Flowers, Chase, Hilton and others, letting them know that their e-mail addresses have been exposed. This provides a perfect opportunity for cybercriminals who may try to take advantage of the breach...
April 11, 2011 Added by: Alexander Rothacker
Organizations rely on third party providers for numerous responsibilities and often treat them as an extension of their organization. Allowing third party access to ANY information should REQUIRE that they provide the most stringent security measures...
April 01, 2011 Added by: Bill Gerneglia
Those are some of the findings of the 2010 US Cost of a Data Breach study from the Ponemon Institute. The benchmark study looked at the experiences of 51 US companies in 15 industry sectors; it's the sixth annual such survey done by Ponemon...
March 29, 2011 Added by: Alexander Rothacker
We thought it might be fun to take a look at which higher education institutions would make the “Data Breach Final Four”. Based on the number of reported records breached in 2010, we put together brackets for what we are calling the 2010 Higher Education Data Breach Madness...
March 28, 2011 Added by: Rafal Los
Allow me to point out a little bit of irony in this headline... a website for one of the more popular open-source database alternatives gets completely compromised using blind SQL Injection. Ouch. Someone going by the moniker "Jack Haxor" posted this to the Full Disclosure mailing list...
March 27, 2011 Added by: Eric Cissorsky
When IT Security panics, it causes ripple effects throughout the enterprise. In the event this turns out to be a serious breach, you will be credited with keeping your cool and weathering the storm. Overreacting to any security incident can undermine your department's credibility...
March 18, 2011 Added by: Headlines
"Our investigation has led us to believe that the attack is in the category of an APT... and revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products..."
March 04, 2011 Added by: Robert Siciliano
According to the ITRC, there were at least 662 data breaches in 2010, which exposed more than 16 million records. Nearly two-thirds of breaches exposed Social Security numbers, and 26% involved credit or debit card data. The majority of these attacks were malicious hacks or insider theft...
March 01, 2011 Added by: Dan Dieterle
New research shows that secure erase programs used on standard hard drives to wipe important data do not completely erase solid-state (SSD) drives and USB thumb drives. As much as 75 percent of the data could remain after a successful secure wipe...