|
Americans
Worry About Security, Health
(darkreading.com, 20 May 2008)
The latest U.S. results of the Unisys Security Index reveal
that Americans are more concerned than they were seven months
ago about national security issues and health epidemics.
Other key findings indicate an increase in consumer concern
about financial security issues and worry over identity
theft.
|
|
|
CompTIA:
Only One in Four Severe Data Breaches Are Intentional
(darkreading.com, 20 May 2008)
New IT security report finds that most severe security
breaches at US firms are inadvertent and caused by human
error or technical malfunctions – and intentional breaches
come mainly from the outside
|
|
|
Hospital
Security Programs Ailing, Study Says
(darkreading.com, 20 May 2008)
From 2006-2007, more than 1.5 million patients' personal
information was exposed through hospitals alone, according
to a study released earlier this week by research firm HIMSS
Analytics and Kroll Fraud Solutions, a risk management firm.
That doesn't count insurance companies, pharmaceutical companies,
or individual doctors' offices.
|
|
|
Internet
Scam Collected Data From Thousands
(msnbc.msn.com, 19 May 2008)
Thirty-eight people were charged Monday with stealing names,
Social Security identification numbers, credit card data
and other personal information from unsuspecting Internet
users as part of a global crime ring..
|
|
|
Five
Identity Management Trends to Watch
(blog.imprivata.com, 19 May 2008)
. . . "what's new in identity management?" As
simple as it is, it's a big question so here are five trends
that I see out there for identity management... at least
for now.
|
|
|
Amended
FRCP Rocks the Data Center
(continuitycentral.com, 29 February 2008)
On December 1, 2006, the Federal Rules of Civil Procedure
was amended to provide expanded definition and structure
to the newest class of legally discoverable business data:
electronically stored information (ESI). Data management
will never be the same.
|
|
|
Feds
Downplay Privacy Fears on Plan to Expand Monitoring of Government
Networks
(computerworld.com, 28 February 2008)
Mendacious machines controlled by hackers that reroute
Internet traffic from infected computers to fraudulent Web
sites are increasingly being used to launch attacks, according
to a paper published this week by researchers with the Georgia
Institute of Technology and Google Inc.
|
|
|
Use
of Rogue DNS Servers on Rise
(ap.google.com, 13 February 2008)
Mendacious machines controlled by hackers that reroute
Internet traffic from infected computers to fraudulent Web
sites are increasingly being used to launch attacks, according
to a paper published this week by researchers with the Georgia
Institute of Technology and Google Inc.
|
|
|
Ten
Myths About Identity Fraud
(darkreading.com, 12 February 2008)
Identity fraud is running rampant. Between corporate breaches
and online exploits against individuals, hackers are stealing
identities in record numbers and posting it to the Web from
all over the country, right?
Wrong on all counts, according to new studies of the ID
fraud space. The reports -- one released yesterday by Javelin
Strategy and Research, and one released by ID Analytics
a few months ago -- offer data that debunks many of the
current myths about identity theft.
|
|
|
IBM
Report: Vulnerabilities Decline for First Time in 10 Years
(darkreading.com, 12 February 2008)
If you weren’t already convinced that your Website is at
risk, consider this: Nearly 100 percent of Web attacks last
year used some form of obfuscation to avoid detection by
security tools, according to IBM's just-released 2007 X-Force
Security report.
|
|
|
Securites
Industry Next Target of Online Fraud
(darkreading.com, 11 February 2008)
Securities and brokerage firms use lessons learned from
the banking industry to take a more proactive stance against
online fraud and identity theft, according to a recent survey
conducted by Digital Resolve, a leading provider of online
authentication and fraud detection solutions.
|
|
|
DNS
Inventor Warns of Next Big Threat
(darkreading.com, 11 February 2008)
The industry is just one multi-million-dollar corporate
data breach away from waking up to the serious and often-silent
threat of corrupted DNS resolution servers, says DNS inventor
Paul Mockapetris.
|
|
|
Encryption
Could Make You More Vulnerable, Warn Experts
(itworld.com, 11 February 2008)
The use of data encryption could make organizations vulnerable
to new risks and threats, a panel of security experts warned
Monday.
|
|
Tech
Road Map: One Token To Rule Them All
(informationweek.com, 9 February 2008)
We've long known that multifactor authentication provides
stronger security over simple passwords, but a limited number
of options, cost, interoperability issues, and the dread
that IT pros feel at the idea of issuing users multiple
tokens have put a damper on deployment. With its recently
released Reference Architecture 2.0, the Initiative for
Open Authentication, or OATH, hopes to allay these misgivings
with an open standard to bring strong authentication to
applications and services.
|
|
|
Thoughts
From a Life Hacker
(akale.livejournal.com, 9 February 2008)
Multi-Party Computation, and what it means to the average
consumer.
|
|
|
Retailers
Need to Step Up IT Security, says Deloitte
(computerweekly.com, 7 February 2008)
Retailers are losing the battle against IT security threats
because most have no strategy for their long term defence
and merely respond to incidents, says a report from management
consultancy Deloittes.
|
|
|
Report:
Security-Wise, the Mac Platform Is Getting Shaky
(technewsworld.com, 5 February 2008)
Organized criminal gangs arrived at Apple's doorstep for
the first time in 2007 with malware tools in hand to intentionally
steal money, according to a recent report from IT security
and control firm Sophos Latest News about Sophos. With proof
that hackers are extending their efforts beyond Windows,
Sophos has warned computer users of all operating systems
not to be complacent about security.
|
|
|
Survey:
Users Believe Internet Is “Safer”
(baselinemag.com, 4 February 2008)
What do the Italians and Germans know about the security
of the Internet that the rest of the world doesn’t? According
to a new survey of more than 1,000 Web users in 10 countries,
only Italy and Germany say the Internet was less safe in
2007 than it was in 2006.
|
|
|
Calif.
Considers Expanding Data Breach Notification Rules
(informationweek.com, 4 February 2008)
The California State Senate passed a data breach bill that
requires notices to explain clearly what has happened and
what people can do to protect themselves.
|
|
|
Spyware
Threat Isn't Dead, Experts Say
(darkreading.com, 1 February 2008)
Anti-Spyware Coalition Public Workshop 2008 -- Spyware
isn't extinct, but it's undergoing a major evolution, experts
said here today.
Change was the theme as some of the industry's top spyware
experts gathered here to discuss problems and solutions
with the technology. The bottom line: Traditional spyware
is on the decline, but the threat continues to endanger
users as malware authors' tactics become more sophisticated.
|
|
|
Email
Authentication Reaches 'Tipping Point'
(darkreading.com, 1 February 2008)
For once, some good news on the anti-phishing and anti-spam
front: Over half of legitimate email worldwide is now being
authenticated, according to the Authentication and Online
Trust Alliance (AOTA).
|
|
|
Enterprises
Rolling on Logs
(darkreading.com, 28 January 2008)
Security and system logs are things you pull up when you
have no other choice -- when a problem occurs and that's
the only way to find it, right?
|
|
|
Go
Phish: Watch Out for These 10 Scams
(darkreading.com, 28 January 2008)
We've come a long way since we first received letters in
the mail from a Nigerian refugee prince desperately looking
for safe haven to store his abundant stockpile of money.
Or have we?
|
|
|
Cybercrime
Flourishes in Online Hacker Forums
(Identity Theft, 26 January 2008)
Criminals covet your identity data like never before. What's
more, they've perfected more ways to access your bank accounts,
grab your Social Security number and manipulate your identity
than you can imagine.
Want proof? Just visit any of a dozen or so thriving cybercrime
forums, websites that mirror the services of Amazon.com
and the efficiencies of eBay.
|
|
|
Google
and eBay Thwart Phishing Redirection Ruse
(theregister.co.uk, 23 January 2008)
High-profile websites have cleaned up their act after a
small team of security researchers documented how they were
unwittingly helping phishing fraudsters.
|
|
|
Hackers
Attack World's Largest Jobs Site
(hackinthebox.org, 23 January 2008)
Hundreds of thousands of people have been exposed to the
risk of blackmail after the website of the world's largest
online recruiter was hacked.
|
|
|
Mexico
and Africa to Become Malware Hotspots
(theregister.co.uk, 18 January 2008)
If one were to go back through the archives of the Sans
Institute's Top Threats lists, some of which I have contributed
to, one would find the range of threats and vulnerabilities
shifting and changing through the years along with the ever-changing
security landscape itself, writes Timothy Mullen, vice-president
of consulting services at NGS Software.
|
|
|
The
Silent Danger of a Clever Trojan
(computerweekly.com, 14 January 2008)
For the second time in the past two months, a nasty new
computer threat has quietly spread across the web infecting
countless computers with a key-logging Trojan. Bank log-ins,
PIN codes and credit card details are among the booty this
piece of malware is designed to Hoover up.
|
|
|
Attackers
Use New 'Call-Home' Method to Infiltrate Home Networks
(darkreading.com, 17 January 2008)
Now the bad guys have discovered a way to set up a stealthy,
continuous connection between the machines they infect and
their own command and control servers.
|
|
|
Malware
Quietly Reaching 'Epidemic' Levels
(darkreading.com, 16 January 2008)
Everybody knew it was bad, but few knew it was this bad.
In separate studies released yesterday, two research firms
now say that malware increased between 500 percent and 1,000
percent in 2007, and it shows no signs of slowing down.
|
|
|
How
to Combat the Sans Institute's Top 10 Security Threats
(computerweekly.com, 14 January 2008)
If one were to go back through the archives of the Sans
Institute's Top Threats lists, some of which I have contributed
to, one would find the range of threats and vulnerabilities
shifting and changing through the years along with the ever-changing
security landscape itself, writes Timothy Mullen, vice-president
of consulting services at NGS Software.
|
|
|
IRS
Still Hasn't Fixed Security Problems
(darkreading.com, 14 January 2008)
The U.S. Internal Revenue Service still hasn't resolved
almost 70 percent of the IT security issues that the Government
Accountability Office identified at the agency last year,
according to a report published last week.
|
|
|
Data
Breaches: Getting Worse or Better?
(darkreading.com, 4 January 2008)
The year 2007 may or may not have been a record-setting
year in terms of data breaches. Whether it was or wasn't
depends on how one counts.
|
