Articles Tagged with "Hardening"


From the Web

Website exposes sensitive details on military personnel

September 08, 2009 from: Office of Inadequate Security

Programming errors on a website that helps commuters carpool to work are exposing sensitive information of workers for hundreds of employers in Southern California, including at least one military installation.

Comments  (1)


From the Web

Best of Application Security (Friday, Sep. 4)

September 04, 2009 from: Jeremiah Grossman's Blog

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!

Comments  (0)


From the Web

Announcement Regarding The October 2009 Critical Patch Update

September 03, 2009 from: The Oracle Global Product Security Blog

Because many Oracle customers with responsibility for deploying the Critical Patch Update within their respective organizations will be attending Oracle OpenWorld on October 11-15, 2009; the October 2009 Critical Patch Update originally scheduled to be published on Tuesday, October 13th 2009, will be released on October 20th 2009.

Comments  (0)


From the Web

Gonzalez pleads guilty, sentenced to 15-25 years

August 28, 2009 from: Office of Inadequate Security

Under a plea agreement with federal prosecutors filed in Boston on Friday, Albert Gonzalez would serve a sentence of 15 to 25 years after pleading guilty to a 19-count indictment. He would also forfeit some $2.8 million in cash, a Miami condo, a car and expensive frakelry.

Comments  (0)


From the Web

Why some Firefox users choose not to update

August 25, 2009 from: Mozilla Security Blog

The best way for users to stay safe online is to use an updated browser. While most Firefox users get updated quickly, some fall behind for various reasons. We’re looking for ways to increase uptake while still preserving user choice.

Comments  (0)


From the Web

Risky use of real data in application development

August 21, 2009 from: Office of Inadequate Security

Most organizations in the U.S. and U.K. put their sensitive customer and company data at risk during their application development and testing processes, according to a new study. 80% surveryed were hit by at least one breach in the past 12 months.

Comments  (0)


From the Web

Overcoming Objections to an Application Security Program

August 17, 2009 from: Jeremiah Grossman's Blog

Today a large percentage of security professionals truly “get” application security. They understand the importance, the best-practices, the value, etc. What inhibits their success the most in building an effective application security program is a lack of buy-in from the business and support from development groups.

Comments  (1)


From the Web

Stolen NY Life Insurance laptop had customer info

August 14, 2009 from: Office of Inadequate Security

For the second time in as many months, New York Life Insurance is notifying customers of a data breach. In the newest incident, a laptop containing unencrypted customer information was stolen from an employee’s vehicle in a “smash and grab.”

Comments  (0)


From the Web

Whistleblower lawsuit against Kaiser (updated)

August 10, 2009 from: Office of Inadequate Security

At a time when concerns about the privacy and security of electronic health records are a hot topic and the issue of private vs. public health insurance is making the front pages, a lawsuit filed by a former Kaiser employee alleges that Kaiser knowingly and repeatedly violated HIPAA, exposed millions of members to identity theft, and ripped members off by not keeping track of deductibles and co-pa...

Comments  (2)


From the Web

Heartland says breach has cost $32 million so far

August 06, 2009 from: Office of Inadequate Security

Heartland Payment Systems on Tuesday (Aug. 4) said it spent $32 million this year paying for costs related to the major data breach it disclosed in January, including $22.1 million to cover fines from key payment card brands and a settlement offer. Heartland did not say how the $22.1 million was split between the fines and the settlement offer, but it did provide clues.

Comments  (1)


From the Web

Personal data mishandled at Commerce Dept.

August 03, 2009 from: Office of Inadequate Security

The names and Social Security numbers of at least 27,000 Commerce Department employees were exposed to a risk of identity theft following an inappropriate transfer of the personal information in mid-July, according to a letter sent to department employees last week.

Comments  (0)


From the Web

Leahy reintroduces data breach bill

July 23, 2009 from: Office of Inadequate Security

Senate Judiciary Chairman Patrick Leahy (D-Vt.) has reintroduced a data breach bill that would set tougher rules for government agencies and private sector firms regarding consumers’ personal information.

Comments  (0)