General Legal
From the Web
Customer Sues Bank After Phishing Attack
February 11, 2010 from: Office of Inadequate Security
A Michigan-based metal supply company is suing Comerica Bank, claiming that the bank exposed its customers to phishing attacks.
Comments (3)
From the Web
China Shut Down Biggest Hacker Training Site
February 09, 2010 from: Saumil's Infosec Blog
What is believed to be the country's biggest hacker training site has been shut down by police in Central China's Hubei province. Three people were also arrested, local media reported yesterday. The three, who ran Black Hawk Safety Net, are suspected of offering others online attacking programs and software, a crime recently added to the Criminal Law. A total of 1.7 million yuan ($249,000) in asse...
Comments (2)
From the Web
Heartland Payment Systems and Visa Inc. Announce Acceptance Rate of Over 97 Percent for Data Security Breach Settlement Agreement
February 05, 2010 from: Office of Inadequate Security
Financial institutions representing more than 97 percent of eligible Visa-branded credit and debit cards have accepted the Alternative Recovery Offers they received pursuant to the settlement entered into by Visa Inc. (NYSE:V), Heartland Payment Systems® (NYSE: HPY) and Heartland’s sponsoring acquirers last month. This level of acceptance fulfills the 80 percent opt-in condition that was...
Comments (0)
From the Web
Heartland lawsuit plaintiffs go after acquiring banks’ deep pockets
January 21, 2010 from: Office of Inadequate Security
The $60 million settlement offer announced by Visa and Heartland Payment Systems seems in jeopardy of falling apart as lawyers for some of the banks file a new lawsuit against Heartland’s acquiring banks and urge rejection of the settlement offer.
Comments (1)
From the Web
Gonzalez to plead guilty in NJ
December 08, 2009 from: Office of Inadequate Security
An admitted computer hacker charged in the nation’s largest-ever data breach has told federal prosecutors in New Jersey that he plans to plead guilty in connection to the alleged theft of more than 130 million credit card numbers.
Comments (0)
From the Web
The Merchants Strike Back?
December 07, 2009 from: Office of Inadequate Security
With the recent news of several restaurants teaming up to sue point-of-sale system provider Radiant Systems (a copy of the complaint can be found here) for failing to comply with the PCI Standard, it appears that some merchants may be in a mood to strike back in the aftermath of a payment card security breach. This lawsuit comes in the wake of a couple lawsuits against payment card security assess...
Comments (0)
From the Web
Senate Panel Clears Data Breach Bills
November 05, 2009 from: Office of Inadequate Security
The Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify individuals of security breaches involving sensitive personally identifiable information. Both bills go to the Senate for consideration.
Comments (0)
From the Web
Man charged with developing and distributing cable network hacking tools
November 02, 2009 from: Office of Inadequate Security
Charges were unsealed in federal court in Massachusetts against an Oregon man and the company he founded, TCNISO, alleging that they developed and distributed products that allowed users to modify their cable modems and obtain internet access without paying for it.
Comments (0)
From the Web
Judge: FTC Cannot Make Lawyers Comply With Identity Theft Laws
October 29, 2009 from: Office of Inadequate Security
The Federal Trade Commission cannot force practicing lawyers to comply with new regulations aimed at curbing identity theft, a federal judge ruled today at the U.S. District Court for the District of Columbia.
Comments (1)
From the Web
Auditor: Bullitt lacked proper controls to prevent online theft
September 16, 2009 from: Office of Inadequate Security
Bullitt County [Kentucky] Fiscal Court did not have sufficient online banking controls in place at the time of the June online theft of $415,989, according to a report by the state auditor.
Comments (0)
From the Web
Website exposes sensitive details on military personnel
September 08, 2009 from: Office of Inadequate Security
Programming errors on a website that helps commuters carpool to work are exposing sensitive information of workers for hundreds of employers in Southern California, including at least one military installation.
Comments (1)
From the Web
Email Obfuscation and Spam Robots
September 08, 2009 from: Rsnake's blog at ha.ckers.org
I’ve long been interested in spam and robots that scrape for email addresses. I’ve done tons of work in the space, although I’ve never published any of it. Call it more of a side hobby than anything I really want to go public with - as it is with a lot of my research
Comments (0)
From the Web
Digital Direct reports breach
September 05, 2009 from: Office of Inadequate Security
Chris Cooper of Bloomberg.com reports that Digital Direct, Inc., a unit of Mitsubishi Corp., had a breach of their e-commerce web site that resulted in the compromise of 52,000 customers’ credit card numbers.
Comments (0)
From the Web
Helping users keep plugins updated
September 04, 2009 from: Mozilla Security Blog
Starting with the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14, Mozilla will warn users if their version of the popular Adobe Flash Player plugin is out of date. Old versions of plugins can cause crashes and other stability problems, and can also be a significant security risk.
Comments (0)
From the Web
Best of Application Security (Friday, Sep. 4)
September 04, 2009 from: Jeremiah Grossman's Blog
Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!
Comments (0)
From the Web
Announcement Regarding The October 2009 Critical Patch Update
September 03, 2009 from: The Oracle Global Product Security Blog
Because many Oracle customers with responsibility for deploying the Critical Patch Update within their respective organizations will be attending Oracle OpenWorld on October 11-15, 2009; the October 2009 Critical Patch Update originally scheduled to be published on Tuesday, October 13th 2009, will be released on October 20th 2009.
Comments (0)
- SecurityWeek Names Ryan Naraine as Editor-at-Large
- Why Cyber Security Should Be at the Top of Your Christmas List
- United States Federal Government’s Shift to Identity-Centric Security
- How Extreme Weather Will Create Chaos on Infrastructure
- BSIMM11 Observes the Cutting Edge of Software Security Initiatives
- Sustaining Video Collaboration Through End-to-End Encryption
- Will Robo-Helpers Help Themselves to Your Data?
- Securing the Hybrid Workforce Begins with Three Crucial Steps
- A New Strategy for DDoS Protection: Log Analysis on Steroids
- COVID-19 Aside, Data Protection Regulations March Ahead: What To Consider