Vulns & Alerts
May 07, 2012 Added by:Rafal Los
To many organizations, a security breach means a catastrophic failure in security signifying a breakdown in the mechanisms installed to keep the organization secure, and by its very nature represents failure. The problem with this situation is it really represents two failures...
May 06, 2012 Added by:Headlines
“Symantec’s internal information security team has analyzed the code that was posted and has determined it is NOT Symantec source code... this is NOT Norton source code that has been posted, this is not a hack of Norton... and this does no pose a threat in any way to Norton products..."
May 03, 2012 Added by:Headlines
A new hacktivist group claims to have breached the systems of multiple government, military and private organizations. The hackers posted screenshots of their intrusions to support their claims, as well as posting what is characterized as military files for access on MediaFire...
April 27, 2012 Added by:Headlines
"Our security team became aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe..."
April 26, 2012 Added by:David Navetta
The attenuated nature of online relationships creates an opportunity for criminals to steal or spoof online identities and use them for monetary gain. The ability of one party to authenticate the identity of the other party in an online transaction is of key importance...
April 25, 2012 Added by:Headlines
"We have detected an intrusion into our company's global information systems network... we believe that our systems are secure and that no customer, employee or program data has been compromised. However, we believe that user IDs and hashed passwords were transmitted..."
April 23, 2012 Added by:Christopher Burgess
Certification of compliance demonstrates that at that given point of time the entity was in adherence to the PCI standards. The threat landscape is dynamic and ever changing requiring those entrusted with our data to take steps beyond compliance to protect that data...
April 13, 2012 Added by:David Navetta
The latest CDBS study can be considered a bookend to Verizon’s annual DBIR. The two reports paint a data breach landscape that continues to change. For the first time in seven years, both the organizational cost of data breach and the cost per lost or stolen record have declined...
April 13, 2012 Added by:Patrick Oliver Graf
Network connections that communicate with machine-to-machine (M2M) management platforms are especially prone to attacks, in part because the M2M systems primarily communicate via Wi-Fi networks and 2 or 3G connections...
April 12, 2012 Added by:Neira Jones
The Verizon DBIR 2012 was released last month and I am sure you have seen a lot on the subject. With every report, statistics and opinions have to be put in the right context. The conclusions are not surprising, but there are a few nuggets in the report worth examining...
April 12, 2012 Added by:Rafal Los
You've heard us say for a while now that information security isn't about reaching some mythical state of 'secure' but rather a constant battle on the ever-changing front lines of your organization to minimize any damage that the evil hackers can do once they find an in...
April 11, 2012 Added by:Fergal Glynn
Companies that suffer a data breach lose more than just confidential information. Their reputation, productivity, and profitability can all be negatively impacted in the aftermath of even a single incident. The organization may face fines, civil or criminal prosecution...
April 11, 2012 Added by:Spencer McIntyre
Researchers are releasing a Metasploit module that can exploit a vulnerability in an open source web content management system called Liferay in the XSLT processing engine that is used to allow setting dynamic XML feeds to be displayed as content on a page...
April 03, 2012 Added by:Pierluigi Paganini
Global Payments' announced that Track 2 data was stolen, which is used by the bank. Track 1 data generally refers to the information reported on the front of a bank card. So if this information was stolen along with that contained in Track 2, it is possible to clone a card...
March 30, 2012 Added by:Headlines
"Visa Inc. is aware of a potential data compromise incident at a third party entity... Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards..."
March 27, 2012 Added by:Headlines
Chaney admitted he hacked into the e-mail accounts by taking the victims’ e-mail addresses, clicking on the “Forgot your password?” feature, then re-setting the passwords by answering security questions using publicly available information he found on the Internet...
Student Pleads Guilty to Counterfeiting Coup... on 06-18-2013
Starting to Clean Up the Mess from PCAnywher... Peggy Patterson on 06-18-2013