Vulns & Alerts

Why I think Microsoft’s claims that breaches are down are seriously confounded

October 16, 2010

Ever since yesterday morning when I read that Microsoft reported that breaches involving data loss are down, it’s been a puzzlement because all of the data I’ve seen this year suggest that the number of breach reports are up.  I think I’ve figured out how they came to what I see as an erroneous statement.

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

Coping with the Inevitability of a Data Breach

October 13, 2010 Added by:Robb Reck

While an attacker will eventually figure out a way around your firewall, as soon as they do a good SIEM can alert the NOC and send technicians rushing to respond. In a perfect world, we will keep attackers, both external and internal, from having the opportunity to exploit our systems. But the reality is that breaches do occur...

Comments  (0)

Improper Disposal of Confidential Client Records Earns Lawyer (Only?) a Public Reprimand

October 07, 2010

Here’s a follow-up on a breach involving paper records, but I don’t think I  ever knew of this breach at the time it occurred, although it reminds me of a similar breach where a psychologist’s adult children did something similar. Leigh Jones reports: An Indiana adoption lawyer whose client files were scattered in the wind after his adult childre...

Comments  (0)


From the Web

Super Nuclear Worm Invades Kazakhstan

October 03, 2010 from: AEON Security Blog

When I first heard about Stuxnet, it made me shrug my shoulders just as much as I shrugged when hearing about Aurora – the “(un)Advanced Persistent Threat.” Outside from all the hype, the entire concept of “Stuxnet” being a “highly weaponized targeted” threat is way out of tune with reality. From everything I have read so far, everyone seems to be repeating what everyone else is repe...

Comments  (2)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Maine Supreme Court Ends Hannaford Breach Suit

September 26, 2010 Added by:David Navetta

Regardless of the potential flaws in this decision, this decision adds another significant court to those that fail to recognize damages in a data breach lawsuit. At this point, it is unclear whether the plaintiffs will ever achieve a victory on this issue...

Comments  (0)

Dd9902bc56a9d85cdc62c00083ea4871

Third-Parties and the Protection of Sensitive Information

September 20, 2010 Added by:Katie Weaver-Johnson

Third-parties are increasingly responsible for data breaches. A recent GAO report has revealed that federal agencies utilizing contracted workers are failing to implement contractual assurances with third-parties regarding the protection of sensitive information...

Comments  (3)


From the Web

Odds, Disclosure, Etc…

September 18, 2010 from: Rsnake's blog at ha.ckers.org

I went to Data Loss DB the other day and I noticed an interesting downward trend over the last two years. It could be due to a lot of things. Maybe people are losing their laptops less or maybe hackers have decided to slow down all that hacking they were doing. No, I suspect it’s because in the dawn of social networking and collective thinking, companies fear disclosure more than ever before.

Comments  (0)

37d5f81e2277051bc17116221040d51c

Organized Crime Responsible For Most Breaches

September 17, 2010 Added by:Robert Siciliano

Global web mobs are tearing up corporations’ and financial institutions’ networks. According to a new Verizon report, a staggering 900 million records have been compromised in the past six years. Up to 85 percent of the breaches were blamed on organized criminals...

Comments  (1)

37d5f81e2277051bc17116221040d51c

Thirteen Million Records Breached in 2010 - So Far

September 01, 2010 Added by:Robert Siciliano

Even if you are protecting your PC and keeping your critical security patches and antivirus definitions updated, there is always a chance that your bank or credit card company may get hacked. With millions of records being compromised every year, consider your data breached!

Comments  (1)

Dd9902bc56a9d85cdc62c00083ea4871

Veterans Affairs: Implement Data Breach Lessons Learned

August 26, 2010 Added by:Katie Weaver-Johnson

From April through July of 2010, the VA has lost 72 BlackBerrys and 34 laptops. Patient information has been sent to the wrong address or mailed incorrectly 441 times. Almost 10,000 breach incidents in 3 months. What is wrong with this picture?

Comments  (1)

37f65c068b7723cd7809ee2d31d7861c

Mandatory Disclosure: A Hazard for Infosec?

July 30, 2010 Added by:Niels Groeneveld

Management teams prefer to reduce risk and cost. The legislation forces companies to disclose breaches, but does not force companies to find them. Given these circumstances, a possible option to reduce risk is to decrease the chance that security breaches will be found...

Comments  (3)

6d117b57d55f63febe392e40a478011f

Loss of Critical Information Threatens SMBs

June 24, 2010 Added by:Anthony M. Freed

The average cost of an information security event for a small to medium size business (SMB) is $188,242, according to a new report published by Symantec from data collected by Applied Research, and unauthorized access to sensitive data was rated the single greatest threat to corporate viability.

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA HITECH Fines and Fear of Lost Business

June 24, 2010 Added by:Jack Anderson

What has been suspected now has been confirmed - the cost of data breaches is substantial. Indeed, a report titled "2009 Annual Study: Global Cost of Data Breach" shines a very bright light on the actual cost of activities stemming from more than 100 breach incidents across multiple industry sectors, numerous organizations, and a handful of different countries.

Comments  (0)

37d5f81e2277051bc17116221040d51c

Data Breaches Persist In Health Care

June 24, 2010 Added by:Robert Siciliano

In September 2009, the Obama administration’s Health Information Technology for Economic and Clinical Health (HITECH) Act went into effect, requiring hospitals and other health care organization to beef up client data protections. Despite this, a recent study found that health care data is still hemorrhaging from peer to peer networks.

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

Data Breaches Up in 2010

June 22, 2010 Added by:Jack Anderson

A data breach is painful for everyone, with the exception of the thief. The bad publicity, cost of notification, cost of internal and external audits, not to mention the loss to the person whose data is breached is enormous.

Comments  (7)

E313765e3bec84b2852c1c758f7244b6

Responding to a Compromised System Alert

June 19, 2010 Added by:Brent Huston

I interact with a lot of people and organizations that have compromised machines. Often, my email or phone call is the first they have heard of the problem. Should you ever get a call like this from me or someone else, here are a few tips that you might find helpful for proceeding.

Comments  (0)

Page « < 18 - 19 - 20 - 21 - 22 > »