Items Tagged with "breaches"


9f19bdb2d175ba86949c352b0cb85572

The Truth Behind Data Breaches

February 16, 2012 Added by:Neira Jones

SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...

Comments  (5)

B8db824b8b275afb1f4160f03cd3f733

Disclosures: How Much Sharing is Too Much?

February 15, 2012 Added by:Jack Daniel

What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve know about for years? If you are ignoring all of the well-known risks, it is a waste of time...

Comments  (0)

37d5f81e2277051bc17116221040d51c

One in Three Massachusetts Residents’ Records Breached

February 15, 2012 Added by:Robert Siciliano

Massachusetts has one of the most stringent data protection laws on the books. Companies are now reporting when even a single individual’s information has been compromised. Despite strict security requirements, companies are continually being hacked in record numbers....

Comments  (0)

924ce315203c17e05d9e04b59648a942

In Cyber - Losers Ignore, Survivors React, Winners Predict

February 15, 2012 Added by:Richard Stiennon

Every organization has a choice: become a victim of cyber attack and pay the cost of recovery then rely on quick reactions to changes in the threat space to survive the next attack, or predict the escalation in attacks and invest early in the defenses required...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Difference Between Spreading Information and Enabling Crime

February 14, 2012 Added by:Rafal Los

Most people don't get prosecuted or charged for distributing or re-tweeting a link to an Anonymous pastebin dump. Where is the line drawn then, and why are some incidents bigger than others? The question ultimately goes to the contents of the cache of information...

Comments  (2)

959779642e6e758563e80b5d83150a9f

Why Data Security Regulation is Bad

February 11, 2012 Added by:Danny Lieberman

The government knee-jerk reaction in the face of a data breach is to create more compliance regulation. Security by compliance does not improve security, since attackers can reverse-engineer the minimum requirements in a standard to look for holes in a company’s defenses...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Insecurity by Way of Compliance

February 08, 2012 Added by:Danny Lieberman

The US leads in data security breaches while the EU leads in data security. The EU has strong, uniform data security regulation, whereas the US has a quilt-work of hundreds of security directives where each agency has it’s own system for data security compliance...

Comments  (2)

54b393d8c5ad38d03c46d060fa365773

Four Keys for Intellectual Property Protection

February 07, 2012 Added by:Jason Clark

Intellectual property includes product designs, secret formulas, and other trade knowledge. It's what organized cybercrime, state governments and hackers are all going after. Why? Mostly because of the value. One stolen manufacturing process can be worth millions...

Comments  (1)

9f19bdb2d175ba86949c352b0cb85572

Incident Response: Have You Got a Plan?

February 06, 2012 Added by:Neira Jones

We should always aim to reduce the frequency of security incidents by effectively securing networks, systems, applications and have the appropriate policies and processes in place, and the NIST report helps in providing guidelines on responding to incidents effectively...

Comments  (0)

39728eff8ac87a48cfb050f0df29ceaa

Who Will Watch the Watchers?

February 05, 2012 Added by:John Linkous

We have entered a new era of cybersecurity, one where the objective is not to protect against a breach - the majority of large organizations are no longer able to - instead we need to be able to detect them and mitigate the damage done by them...

Comments  (0)

Ebbcdce0dfc85abf519d8b44a017f687

Data Privacy: Oxymoron, Wishful Thinking, or Strategic Goal?

February 03, 2012 Added by:Brian Dean

Consumers are desensitized to breaches, as evidenced by the meager rate of consumers applying for free credit monitoring services after a company breach. If you analyze the data that was breached, sometimes you have to ask, “Why are they even collecting all of that data?”

Comments  (0)

959779642e6e758563e80b5d83150a9f

Best Ways for Businesses to Prevent Data Breaches

February 01, 2012 Added by:Danny Lieberman

Most security breaches are attacks by insiders and most attackers are trusted people that exploit software system vulnerabilities (bugs, weak passwords, default configurations etc…). Neither security awareness nor UAC are effective...

Comments  (0)

58bc13ef5da5ac4fc32d41c3fbc0e460

Leaking Vault Update: Records Breached Figure Passes One Billion

January 31, 2012 Added by:Suzanne Widup

Although 2007 and 2008 grew the most in terms of additional incidents being disclosed, 2008 showed the highest number of additional records, with almost 95 million. Though 2011 is not the highest in terms of incidents, it is now the leader for records disclosed thus far...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

Top Security Company Acquisitions of 2011

January 31, 2012 Added by:Bill Gerneglia

The acquisition pace in the security industry has been steady the last few years due to the global proliferation of security breaches. Will this acquisition pace continue? Many analysts believe it will accelerate to address the proliferation of global security threats...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Report: Malware Creation Hit Record High in 2011

January 31, 2012 Added by:Headlines

The report attributes the increase to automation techniques being more widely used in the creation of malware variants - slightly altered signatures developed to foil anti-malware detection software. The report notes a sharp increase in the proliferation of Trojans...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Tech Continues to Bedevil Infosec and Privacy Practitioners

January 30, 2012 Added by:Rebecca Herold

Organizations need to get off the stick, do risk assessment to determine the extent of personal computing device use within their organizations and then update their policies, create new procedures, and implement new technologies accordingly...

Comments  (0)

Page « < 4 - 5 - 6 - 7 - 8 > »