Blog Posts Tagged with "breach"

Ad5130e786d13531cc0f2cde32dacd0f

Restaurant Challenges US Bank and PCI DSS after Seizure of Funds

January 26, 2012 Added by:Andrew Weidenhamer

"The PCI system is less a system for securing customer card data than a system for raking in profits for the card companies via fines and penalties. Visa and MasterCard impose fines on merchants even when there is no fraud loss at all, simply because the fines are profitable...”

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

Symantec: Too Many Doubts - Disable pcAnywhere Software

January 26, 2012 Added by:Pierluigi Paganini

"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," Symantec said in the white paper...

Comments  (4)

F29746c6cb299c1755e4087e6126a816

Five Ways to Revamp Your Home-Based Business Security

January 26, 2012 Added by:Kelly Colgan

No matter how small your operation, or even if you only occasionally work from home, clients trust you to protect their data — and laws in 46 states requires that you do so. Businesses must notify clients whose information is compromised, and notification can be costly...

Comments  (2)

Af9c34417f8e5e0d240850bb353b5d40

pcAnywhere Source from 2006 Still Alive and Kicking

January 26, 2012 Added by:Keith Mendoza

Even if a complete software rewrite is done, it's not really a complete rewrite. Someone in the development team--usually the person who was working on the last version before the so-called rewrite--will copy parts of code from the old source code...

Comments  (0)

296634767383f056e82787fcb3b94864

The 2006 Theft of Symantec's Source Code - Response and Repercussions

January 26, 2012 Added by:Jeffrey Carr

Symantec has acknowledged that source code for multiple products was stolen in 2006. The worst part is that Symantec was clueless about the theft of its own source code for almost six years, which means that thousands of customers were clueless as well...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Designing Applications for Compromise

January 24, 2012 Added by:Rafal Los

Make sure you're thinking ahead and designing applications to be resilient in the face of a complete compromise - including the information therein and connected accounts - so your users can still get back to the application even after it's been ravaged by hackers...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Aaron Barr Terminated for Obsession with Anonymous

January 23, 2012 Added by:Headlines

"When I hired Aaron about eight months ago, it was under the perception that we were going to be able to help the NSA with some things relating to national security, not with Anonymous and social groups," John Sayres, the company's founder said...

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

Israeli and Muslim Hackers Bring Knives to Gun Fight

January 19, 2012 Added by:Infosec Island Admin

There was the dropping of the SCADA passwords recently, and that is more along the lines of doing something. As I wrote recently about cyberwar, the real aegis is to damage infrastructure, supply chain failure, and in the end invade or conduct military operations...

Comments  (2)

D03c28fd5a80c394905c980ee1ecdc88

Symantec: What Went Wrong?

January 19, 2012 Added by:Bill Mathews

Where the rubber meets the road: I am a firm believer that security systems should be able to hold up to open scrutiny but often I’m alone in that. If this code leak really makes Symantec’s software useless for securing systems I would contend they’re doing it wrong...

Comments  (4)

03b2ceb73723f8b53cd533e4fba898ee

Symantec: The Inconvenient Truth Behind the Data Breach

January 17, 2012 Added by:Pierluigi Paganini

Initially, Symantec spokesman Cris Paden said the hackers had stolen only the source code of Symantec Endpoint Protection 11.0 and Symantec AntiVirus 10.2, minimizing the seriousness of the breach. The situation has now changed dramatically...

Comments  (0)

3750d420f6c2a9844b529978894dc0be

2012 Has Delivered Her First Giant Data Breach

January 17, 2012 Added by:Josh Shaul

We consumers need to pressure business to change their practices and protect our information. By asking questions, we’ll force organizations to recognize the importance of effective security, and to either do it properly or lose customers to a competitor who will...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Symantec Hacked in 2006? Claim Raises More Questions

January 17, 2012 Added by:Headlines

Symantec now claims that the company's own networks were in fact breached back in 2006, leading to the loss of proprietary product data: "...an investigation into the matter had revealed that the company's networks had indeed been compromised"...

Comments  (3)

03b2ceb73723f8b53cd533e4fba898ee

T-Mobile: Hacktivism Strikes Again

January 16, 2012 Added by:Pierluigi Paganini

The technique is always the same: ridicule the opponents, show their inability to secure their networks, and express disagreement with the decisions and policies pursued by companies and government organizations...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Zappos.com Hack: 24 Million Customer Records Breached

January 15, 2012 Added by:Headlines

A source has provided Infosec Island with a copy of a message they received while logging in to their account regarding a "security update". The message advises customers to change their password, but makes no mention of the massive data loss event...

Comments  (2)

959779642e6e758563e80b5d83150a9f

On the Israeli Credit Card Breach

January 08, 2012 Added by:Danny Lieberman

The biggest vulnerability of PCI DSS is that it’s about 10 years behind the curve. When people in the PCI DSS Security Council in Europe confess to never having heard of DLP and when the standard places an obsessive emphasis on anti-virus, you know you're still in Kansas...

Comments  (0)

C4363f41d25c216c53c8d71a1ac44a90

Post-Breach STRATFOR Mailings: Fake vs Real?

January 07, 2012 Added by:Matthijs R. Koot

Infosec-savvy STRATFOR subscribers will look for clues to distinguish a fake email. Why would STRATFOR act in a manner that obfuscates four clues? STRATFOR knew about the breach since at least Dec 24/25, so I assume there has been time to advise on coping with fake mailings...

Comments  (2)

Page « < 3 - 4 - 5 - 6 - 7 > »