Breaches

From the Web
Super Nuclear Worm Invades Kazakhstan
October 03, 2010 from: AEON Security Blog
When I first heard about Stuxnet, it made me shrug my shoulders just as much as I shrugged when hearing about Aurora – the “(un)Advanced Persistent Threat.” Outside from all the hype, the entire concept of “Stuxnet” being a “highly weaponized targeted” threat is way out of tune with reality. From everything I have read so far, everyone seems to be repeating what everyone else is repe...

From the Web
Odds, Disclosure, Etc…
September 18, 2010 from: Rsnake's blog at ha.ckers.org
I went to Data Loss DB the other day and I noticed an interesting downward trend over the last two years. It could be due to a lot of things. Maybe people are losing their laptops less or maybe hackers have decided to slow down all that hacking they were doing. No, I suspect it’s because in the dawn of social networking and collective thinking, companies fear disclosure more than ever before.

From the Web
Even Einstein Can’t Track Google’s “Script Kiddie” Hackers
March 09, 2010 from: AEON Security Blog
News surrounding the attacks at Google and other companies are a dime a dozen and, while we have not seen any evidence publicly disclosed, we too can speculate along with everyone else. My first thoughts surrounding the news of the attack led me to believe that the compromise may have been an inside job.

From the Web
Welcome Infosec Island Network readers
February 28, 2010 from: Office of Inadequate Security
Over the weekend, I added 19 financial, 21 business, 4 healthcare, 1 government and 1 not-for-profit breaches thanks to the Maryland Attorney General’s Office updating their web site. You may also be interested in reading how much manpower was involved in trying to identify whose data and what kinds of data were in the audio and video files on the 57 stolen BlueCross BlueShield hard drives...

From the Web
19 more financial sector breaches from 2009
February 27, 2010 from: Office of Inadequate Security
Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010.

From the Web
21 more business sector breaches from 2009
February 27, 2010 from: Office of Inadequate Security
Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010.

From the Web
A rise in cyber attacks by one third saw 100 per cent of enterprises experience cyber losses in 2009
February 25, 2010 from: Saumil's Infosec Blog
According to Symantec's 2010 State of Enterprise Security study, 75 per cent of enterprises experienced cyber attacks in the last 12 months and 36 per cent rated the attacks somewhat/highly effective. Also, there was a 29 per cent rise in reported attacks in the last 12 months.

From the Web
Thousands of Twitter user accounts compromised
February 23, 2010 from: Saumil's Infosec Blog
IT security firm, Sophos, has warned Twitter users on a new attack that has led to thousands of accounts being compromised by hackers using a Web 2.0 botnet. The hijacked accounts are later used to spread money-making spam campaigns.

From the Web
Customer Sues Bank After Phishing Attack
February 11, 2010 from: Office of Inadequate Security
A Michigan-based metal supply company is suing Comerica Bank, claiming that the bank exposed its customers to phishing attacks.

From the Web
China Shut Down Biggest Hacker Training Site
February 09, 2010 from: Saumil's Infosec Blog
What is believed to be the country's biggest hacker training site has been shut down by police in Central China's Hubei province. Three people were also arrested, local media reported yesterday. The three, who ran Black Hawk Safety Net, are suspected of offering others online attacking programs and software, a crime recently added to the Criminal Law. A total of 1.7 million yuan ($249,000) in asse...

From the Web
Today’s threat: computer network terrorism
February 08, 2010 from: Saumil's Infosec Blog
“Carry out all my demands or the entire country’s electricity will be cut off.” Is this another line from a suspense film, or is it a palpable threat made possible with a computer keyboard? “Today, there is a growing trend amongst hackers around the world to threaten national infrastructures for ransom,” says Dr. Yaniv Levyatan, an expert in information war at the Uni...

From the Web
Defending Against Advanced Persistent Threats
February 08, 2010 from: AEON Security Blog
Google and other major companies and the report is both interesting and questionable. I have no reservations about the levels of expertise coming out of Mandiant or their findings; I do however, have reservations about the explanations and interpretation of what was summarized in the Wired article.

From the Web
Heartland Payment Systems and Visa Inc. Announce Acceptance Rate of Over 97 Percent for Data Security Breach Settlement Agreement
February 05, 2010 from: Office of Inadequate Security
Financial institutions representing more than 97 percent of eligible Visa-branded credit and debit cards have accepted the Alternative Recovery Offers they received pursuant to the settlement entered into by Visa Inc. (NYSE:V), Heartland Payment Systems® (NYSE: HPY) and Heartland’s sponsoring acquirers last month. This level of acceptance fulfills the 80 percent opt-in condition that was...

From the Web
HIPAA complaints decreased significantly in 2009
February 01, 2010 from: Office of Inadequate Security
Dennis Melamed provides monthly HIPAA complaint statistics based on reports by the HHS Office for Civil Rights (OCR). It seems that not only did breach reports in general decline in 2009 relative to 2008, but privacy and security complaints to HHS also declined.

From the Web
New Data Breach Report: Malicious Attacks Doubled in 2009
January 25, 2010 from: Office of Inadequate Security
The number of malicious or criminal attack-related breaches was 24 percent — double the 12 percent of the 2009 study. “They are the most costly, and the types of attacks we found included botnet attacks and data-stealing malware,” Ponemon says. “There is more to worry about because I see this as a growing category. This number of criminal attacks will continue to increase i...

From the Web
Forget Blaming Microsoft or Google – Blame Yourself
January 22, 2010 from: AEON Security Blog
People from all walks of life including influential decision makers are quickly firing off ye ole “Blame Microsoft” rants this week after another debacle involving Google and China. The debacle involved so-called State Sponsored (from China) “hacktivities” to compromise Gmail accounts. The attacks were – as we’re told – targeted towards Internet Explorer v...