A collection of articles and posts pulled from some of our favorite bloggers across the Internet.


Latest From the Web


From the Web

Heartland pays Amex $3.6M over 2008 data breach

December 17, 2009 from: Office of Inadequate Security

Heartland Payment Systems will pay American Express $3.6 million to settle charges relating to the 2008 hacking of its payment system network.


Hacker hits NC community college system

December 17, 2009 from: Office of Inadequate Security

Patrons of North Carolina's community colleges may have had their driver's license and Social Security numbers stolen by a hacker.


Cloud Security Evangelists May Have Heads Stuck In Clouds

December 17, 2009 from: AEON Security Blog

Cloud Computing evangelists would have you believe that security in the cloud is relevant when reality paints a far different picture. Security managers should know that; “you can transfer risk but never responsibility.” Now add this statement to memory: “No cloud provider will give you the security you need.” Seriously.


BJ’s, Bank Not Liable for Credit Card Fraud

December 15, 2009 from: Office of Inadequate Security

Cumis Insurance Society and the credit unions it insures have failed in their lawsuit against BJ’s Wholesale Club and Fifth Third Bank over a 2004 breach that affected 9.2 million cardholders.


Fool Disclosure Woes

December 15, 2009 from: AEON Security Blog

Every so often we come up with some crafty methods to research security threats, theories and vulnerabilities and yet many times we’re left lingering with the feeling of guilt by not disclosing security holes. I believe this is a feeling shared by many ethical security researchers: “To disclose or not to disclose…”


Cloud Based Wireless Cracking Services

December 15, 2009 from: AEON Security Blog

Security researchers are leveraging cloud computing to crack WPA wireless passwords at a cost and we’re wondering what other nefarious deeds are being done via cloud computing that we’ve never heard about. To be fair about this, for starters if you take notice of PC World’s title for the article, “New Cloud-based Service Steals Wi-Fi Passwords” it’s completely w...


P2P fraudsters snare DoD employees and FL business; two indicted

December 11, 2009 from: Office of Inadequate Security

Jeffrey Steven Girandola and Kajohn Phommavong have been charged in a previously sealed 16-count indictment with Conspiracy, Computer Fraud, Access Device Fraud and Aggravated Identity Theft. According to the indictment, which was handed up by a federal grand jury in San Diego, the defendants installed peer-to-peer file sharing software on computers under their control and searched the a...


Judge dismisses shareholder lawsuit against Heartland (updated)

December 09, 2009 from: Office of Inadequate Security

A U.S. District Court judge in New Jersey has tossed out a class-action lawsuit filed by shareholders against Heartland Payment Systems, the credit card processor announced Wednesday. The judge granted Heartland’s motion to dismiss the action, which was filed in the wake of Heartland’s massive breach that was reported earlier this year, according to a company statement. No reason wa...


Gonzalez to plead guilty in NJ

December 08, 2009 from: Office of Inadequate Security

An admitted computer hacker charged in the nation’s largest-ever data breach has told federal prosecutors in New Jersey that he plans to plead guilty in connection to the alleged theft of more than 130 million credit card numbers.


The Merchants Strike Back?

December 07, 2009 from: Office of Inadequate Security

With the recent news of several restaurants teaming up to sue point-of-sale system provider Radiant Systems (a copy of the complaint can be found here) for failing to comply with the PCI Standard, it appears that some merchants may be in a mood to strike back in the aftermath of a payment card security breach. This lawsuit comes in the wake of a couple lawsuits against payment card security assess...


NC: Kids’ Social Security numbers on school postcards

December 05, 2009 from: Office of Inadequate Security

The Wake County [North Carolina] school system accidentally sent out about 5,000 postcards with students’ Social Security numbers printed on the front, a mistake that angered parents and will cost the district nearly $100,000 to remedy.


Malware rebounds as cause of data loss

December 04, 2009 from: Office of Inadequate Security

The 2009 CSI Computer Crime and Security survey identified a number of shifts in significant cybersecurity threats this year. Malware infections jumped to 64% from 50%, reversing a dip in the number of companies experiencing malware infections that started in 2005. That year, the figure was 74%.


If DOD can do this, why can’t they manage to remove SSNs?

December 03, 2009 from: Office of Inadequate Security

The Defense Department will not meet its end-of-the-year deadline for removing Social Security numbers from military ID cards as they are issued or renewed, the Pentagon has confirmed.


Many More Government Records Compromised in 2009 than Year Ago, Report Claims

December 03, 2009 from: Office of Inadequate Security

If you’re bummed about the data in your department that just got breached, you have some cold comfort. Although the combined number of reported data breaches in the government and the military has dropped in 2009 compared to last year, many more records were compromised in those breaches, according to recent figures compiled by a California nonprofit.


ICO publishes guide to Data Protection Act

November 30, 2009 from: Office of Inadequate Security

The Information Commissioner’s Office (ICO) has produced a new plain English Guide to Data Protection to provide businesses and organizations with practical advice about the Data Protection Act and dispel myths. The guide will help organizations safeguard personal data and comply with the law. The guide takes a straight-forward look at the principles of the Data Protection Act and uses pract...


Risky business: Remote Desktop opened the door for Aloha hackers

November 25, 2009 from: Office of Inadequate Security

When nine restaurants in Louisiana and Mississippi filed lawsuits against Radiant Systems and its Louisiana distributor, they may have represented only the tip of a substantial iceberg of hacks affecting restaurants that used Radiant Systems’ Aloha POS system.  It seems that the scope of the problem is first coming to the public’s attention approximately one and a half years after...
