Latest Posts


From the Web

Study: 600K campus records hacked this year

September 21, 2009 from: Office of Inadequate Security

Computer hackers reportedly have stolen identifying information and credit card numbers from more than half a million — some 600,000 — college students, faculty, and alumni this year. This is prompting some campus IT officials to call for a “total overhaul” of computer security protocol.

Comments  (0)


From the Web

What Star Trek Predicts About The Future of Information Security

September 18, 2009 from: Rsnake's blog at ha.ckers.org

I had a funny thought while talking with some folks from Intel about what the future state of of information security would look like and how that relates to what our favorite nerdy show, Star Trek, has to say on the topic. This is meant to be a funny post, but there may be some truth buried in here somewhere too. Without further ado:

Comments  (2)


From the Web

Commerce Bank replaces cards compromised in Heartland breach

September 18, 2009 from: Office of Inadequate Security

Dan Margolies reports that Commerce Bank in Kansas City is first replacing credit cards after a recent small wave of fraudulent activity was reported. The compromised cards were involved in the Heartland Payment Systems breach disclosed in January 2009.

Comments  (0)


From the Web

ID theft ringleader back in custody after 4 years on the lam

September 17, 2009 from: Office of Inadequate Security

The mastermind of an identify theft ring who fled after being sentenced for his role in the scheme to steal personal and confidential credit report profiles of thousands of customers of Weichert Financial Services, Inc. pleaded guilty today to failure to surrender to federal prison.

Comments  (0)


From the Web

Man sentenced for micro-deposit scam

September 17, 2009 from: Office of Inadequate Security

A 22-year old man was sentenced to 15 months in prison and restitution of $200,073.44 for fraud and related activity in connection with computers. After release from prison, Michael Largent will also face three years of strict restrictions on his use of computers and the Internet.

Comments  (0)


From the Web

Plugin Updating Project: Follow up

September 16, 2009 from: Mozilla Security Blog

I wrote last week about a new project we’ve [Mozilla] started, informing our users when they’re running out of date versions of popular plugins. We focused our initial efforts on the Adobe Flash Player and now, a week after launch, Mozilla’s Numerator, Ken Kovash, has a blog post up looking at the results.

Comments  (0)


From the Web

Auditor: Bullitt lacked proper controls to prevent online theft

September 16, 2009 from: Office of Inadequate Security

Bullitt County [Kentucky] Fiscal Court did not have sufficient online banking controls in place at the time of the June online theft of $415,989, according to a report by the state auditor.

Comments  (0)


From the Web

Houston police bust large ID theft ring

September 15, 2009 from: Office of Inadequate Security

Police have busted a Houston-based identity theft ring that victimized 457 people and 83 businesses scattered across 25 states, investigators announced today.

Comments  (0)


From the Web

Postal inspectors uncover MassMutual customer data during ID theft investigation

September 15, 2009 from: Office of Inadequate Security

Massachusetts Mutual Life Insurance Company (”MassMutual”) recently discovered that an insider had printouts of customer data that might have been used for fraudulent purposes.

Comments  (0)


From the Web

Heartland CEO: Credit Card Encryption Needed

September 15, 2009 from: Office of Inadequate Security

Grant Gross of IDG News Service reports that in testimony before the Senate Homeland Security and Governmental Affairs Committee yesterday, Heartland Payment Systems CEO Robert Carr was hit with a question about how the payment processor could have been breached for over one year and yet not detected it:

Comments  (0)


From the Web

Website exposes sensitive details on military personnel

September 08, 2009 from: Office of Inadequate Security

Programming errors on a website that helps commuters carpool to work are exposing sensitive information of workers for hundreds of employers in Southern California, including at least one military installation.

Comments  (1)


From the Web

Email Obfuscation and Spam Robots

September 08, 2009 from: Rsnake's blog at ha.ckers.org

I’ve long been interested in spam and robots that scrape for email addresses. I’ve done tons of work in the space, although I’ve never published any of it. Call it more of a side hobby than anything I really want to go public with - as it is with a lot of my research

Comments  (0)


From the Web

Digital Direct reports breach

September 05, 2009 from: Office of Inadequate Security

Chris Cooper of Bloomberg.com reports that Digital Direct, Inc., a unit of Mitsubishi Corp., had a breach of their e-commerce web site that resulted in the compromise of 52,000 customers’ credit card numbers.

Comments  (0)


From the Web

Helping users keep plugins updated

September 04, 2009 from: Mozilla Security Blog

Starting with the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14, Mozilla will warn users if their version of the popular Adobe Flash Player plugin is out of date. Old versions of plugins can cause crashes and other stability problems, and can also be a significant security risk.

Comments  (0)


From the Web

Best of Application Security (Friday, Sep. 4)

September 04, 2009 from: Jeremiah Grossman's Blog

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!

Comments  (0)


From the Web

Announcement Regarding The October 2009 Critical Patch Update

September 03, 2009 from: The Oracle Global Product Security Blog

Because many Oracle customers with responsibility for deploying the Critical Patch Update within their respective organizations will be attending Oracle OpenWorld on October 11-15, 2009; the October 2009 Critical Patch Update originally scheduled to be published on Tuesday, October 13th 2009, will be released on October 20th 2009.

Comments  (0)


From the Web

Lifelock loses another round in court

September 03, 2009 from: Office of Inadequate Security

Experian has issued a press release indicating that a federal court in California has denied LifeLock’s request to reconsider a ruling which found that LifeLock’s practice of setting 90-day fraud alerts on Experian and other credit bureaus was unlawful:

Comments  (0)


From the Web

Wigan Council improves security after details on most school children are stolen

September 03, 2009 from: Office of Inadequate Security

Wigan Council has agreed to take action to comply with the Data Protection Act after the theft of a laptop computer containing personal information relating to approximately 43,000 children and young people. The laptop included personal details on most children and young people in Wigan’s schools

Comments  (0)


From the Web

U. Vermont announces credit card breach

September 02, 2009 from: Office of Inadequate Security

Unversity of Vermont recently discovered that the security of up to 242 university-funded credit cards has been compromised. Ann Naylor of UVM Procurement services said in a statement that UVM is unaware of how the breach occured.

Comments  (0)


From the Web

TJX settles banks’ lawsuit

September 02, 2009 from: Office of Inadequate Security

The Associated Press reports that TJX has settled TJX said it has paid $525,000 to settle claims by some banks about costs they incurred as a result of the retailer’s massive data breach. Other banks — AmeriFirst Bank, HarborOne Credit Union, SELCO Community Cre...

Comments  (0)