Vulns & Alerts
Two Northeast States Updated Breach Notification Statutes
June 27, 2012 Added by:David Navetta
Much time and ink has been spent on the steady stream of data security and breach-related bills that spring up in Congress like mushrooms after a rain. But recently Vermont and Connecticut updated their existing breach notification statutes, highlighting the need to monitor state legislatures...
Comments (0)
Breach Alert: Putin Makes Drone Development a National Priority
June 19, 2012 Added by:Jeffrey Carr
Russia plans to spend US$13B on UAS development over the next eight years. Part of that technology development strategy is almost certainly going to be acquiring intellectual property on related technology from foreign firms. Two good examples of companies at risk are Boeing and General Atomics...
Comments (0)
We Don’t Need Cyber-Vigilante Justice
June 15, 2012 Added by:Andy Willingham
You see what made me so mad? It wasn’t the release of the PII of all those innocent people, it was their reason for doing it. They reported a web site vulnerability and it wasn’t fixed, so they decided to post PII of thousands of people on the internet. Who put them in the role of deciding who wins and who loses?
Comments (2)
Ten Networking Alternatives After LinkedIn's Security Breach
June 13, 2012 Added by:Allan Pratt, MBA
Much has been written about the LinkedIn security breach and the millions of passwords at risk. Hopefully by now all users have changed them and made them more complex. When it comes to professional social networking sites though, LinkedIn is not the only game in town. Here are the Top 10 alternatives...
Comments (0)
Global Payments Breach May Include Merchant Account Data
June 13, 2012 Added by:Headlines
"The Company's ongoing investigation recently revealed potential unauthorized access to servers containing personal information collected from a subset of merchant applicants. It is unclear whether the intruders looked at or took any personal information... however, the Company will notify potentially-affected individuals..."
Comments (0)
Judge Upholds Charges Against WikiLeaker Bradley Manning
June 12, 2012 Added by:Headlines
Manning is accused of the largest intelligence leak in U.S. history while deployed to Iraq as a military intelligence analyst, including installing unauthorized software onto government computers to extract classified information and transmitting the data to the whistle-blowing group WikiLeaks...
Comments (0)
LinkedIn Breach Part II: What You Need to Prepare for Next
June 09, 2012 Added by:Jason Clark
The LinkedIn breach made headlines, but I want to go deeper and provide practical advice for organizations on how they can anticipate DLP consequences and tighten network security. You need a strategy to protect against attack scenarios. Here’s a seven-step check list for mitigating your risk...
Comments (4)
Should You Be Worried About the LinkedIn Breach?
June 06, 2012 Added by:Kelly Colgan
People who rely on LinkedIn for professional networking keep a wealth of information stored on their profile pages. With news of a possible data breach exposing 6.5 million user passwords, LinkedIn users need to take steps to protect their personal data. Here are five tips we recommend you follow...
Comments (3)
LinkedIn Hacked: Change Your Password
June 06, 2012 Added by:Headlines
Reports indicate that as many as 6.4 million passwords have been compromised. Though the passwords are in encrypted form, reports indicate that they are being cracked at a rapid rate, with somewhere near 300,000 passwords already revealed, putting those LinkedIn members' accounts at risk...
Comments (0)
ENISA: Inventory of CERT Activities in Europe
June 01, 2012
This document aims to provide an overview on the actual situation concerning CERT matters in Europe. It provides a list of response teams and similar facilities by country, but also contains a catalog of co-operation, support and standardization activities related to them....
Comments (0)
NASA Denies Iranian Hacker's SSL Certificate Breach Claims
May 29, 2012 Added by:Headlines
NASA has officially denied that the agency's systems were breached by the Iranian hacker group the "Cyber Warriors Team," which claimed to have compromised a digital SSL certificate after having coded an HTTPS protocol scanner to find weaknesses in the agency's website...
Comments (0)
On the Recent Blizzard and Diablo 3 Account Compromises
May 29, 2012 Added by:Beau Woods
Gamers have gotten more savvy about giving away information which would allow someone else to access their account. But the attackers have adapted as well and use other ways of getting that information than by sending fake emails. Here are some of the more creative and sophisticated ways the thieves operate...
Comments (2)
Anonymous Claims Department of Justice Hack, Data Dump
May 22, 2012 Added by:Headlines
"The department is looking into the unauthorized access of a website server operated by the Bureau of Justice Statistics that contained data from their public website. The... website has remained operational throughout this time. The department’s main website... was not affected..."
Comments (0)
Hackers Post Thousands of Twitter Account Logins
May 09, 2012 Added by:Headlines
Analysis of the data dump indicates that of the fifty-five thousand sets of account logins, around twenty-thousand were duplicates, and a large percentage were associated with accounts that were already suspended for violations of terms of service...
Comments (0)
Breached! Now What? Seven Steps to Avoid Failure Panic
May 07, 2012 Added by:Rafal Los
To many organizations, a security breach means a catastrophic failure in security signifying a breakdown in the mechanisms installed to keep the organization secure, and by its very nature represents failure. The problem with this situation is it really represents two failures...
Comments (1)
Symantec Targeted in Source Code Extortion Scheme
May 06, 2012 Added by:Headlines
“Symantec’s internal information security team has analyzed the code that was posted and has determined it is NOT Symantec source code... this is NOT Norton source code that has been posted, this is not a hack of Norton... and this does no pose a threat in any way to Norton products..."
Comments (0)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!