Security Breach


Jul 30, 2010 00:00:00 Achieve Both PCI Compliance and Web Security
Watch this webcast to learn how to protect your organization from the surreptitious software and malware that allows criminals into the heart of the system enabling them to steal data. Published by: Akamai Technologies
Jul 29, 2010 20:15:54 Just kidding. Google says there is no blockage to search in China

Google said access to its search properties is normal and hasn’t been blocked.

A spokesperson told us:

“Because of the way we measure accessibility in China, it’s possible that our machines could overestimate the level of blockage.

That seems to be what happened last night when there was a relatively small blockage.

It appears now that users in China are accessing our properties normally.”

Earlier today, a Google status page, which publicly tracks access to its services in China, reported that there was full blockage, or that search was unavailable between 67 and 100 percent of the time. It’s a big deal because relations between the search giant and the Chinese government have been testy over the past year. Google stopped censoring its search results earlier this year after discovering that hackers had attempted to break into its data and access information related to human rights activists. When users in China try to access Google now, they reach a landing page which directs them to an uncensored version of search based in Hong Kong. China recently renewed Google’s right to operate in the country, but it’s unclear how long this situation will last.

Companies: Google









Jul 29, 2010 15:45:00 TekVault Extends Compliance Services Portfolio by Partnering with Iron Mountain
Visit StreetInsider.com at http://www.streetinsider.com/Press+Releases/TekVault+Extends+Compliance+Services+Portfolio+by+Partnering+with+Iron+Mountain/5847396.html for the full story.
Jul 29, 2010 13:03:21 Dodgy Droid App That Steals Your Data And Sends It To China Downloaded Over A Million Times
A questionable Android mobile wallpaper app that collects your personal data and sends it to a mysterious site in China has been downloaded millions of times, according to data unearthed by mobile security firm Lookout. That means that apps that seem ...
Jul 29, 2010 12:03:52 ATMs Can Be Hacked
At the conference in Las Vegas, Barnaby Jack, director of research at IOActive, demonstrated attacks that would allow a criminal to compromise ATMs. The attack techniques could allow hypothetical thieves to steal cash, copy customers' ATM card data, or ...
Jul 29, 2010 11:13:00 Android App Data Theft: Advantage Apple?
Who does a better job of keeping bad guys out of their mobile software application library, Apple or Android Market?


Apple - Android Market - Android - Google - Handhelds
Jul 29, 2010 10:10:03 Millions of Android phone users slammed by malicious data theft app
An app distributed by Google's Android Market has collected private data from millions of users...


Jul 29, 2010 09:00:00 Deloitte Becomes a HITRUST Common Security Framework (CSF) Assessor; Active in CSF Assurance Program
NEW YORK, July 29 /PRNewswire/ -- As the dramatic rise in breaches, theft of patient health data and increasingly complex regulatory environment continues to put health care organizations and their business relationships under intense pressure and scrutiny regarding security and privacy, Deloitte, a
Jul 29, 2010 08:30:18 Verizon: Data breaches often caused by configuration errors
Hackers appear to be increasingly counting on configuration problems and programming errors rather than software vulnerabilities in order to steal information from computer systems, according to a new study from Verizon.
Jul 29, 2010 08:25:27 2010 Data Breach Report from Verizon, US Secret Service
A study conducted by the Verizon Business RISK team in cooperation with the United States Secret Service has found that breaches of electronic records in 2009 involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal groups....
  • The Register - Data breaches blamed on organised crime
  • eWeek - Most Data Breaches Avoidable, Verizon Report Finds
Jul 29, 2010 06:17:37 Cintas Document Management Earns PCI DSS Compliance for Third Consecutive Year
Jul 29, 2010 05:36:21 Most Data Breaches Avoidable, Verizon Report Finds
An exhaustive data breach report from Verizon, in collaboration with the U.S. Secret Service, finds while data breaches are declining, businesses of all sizes remain at risk, and many breaches could be easily avoided. - Communication giant Verizon's 2010 Data Breach Investigations Report, based on a collaboration with the U.S. Secret Service, found breaches of electronic records last year involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal group...


Jul 28, 2010 20:59:34 Android wallpaper app that steals your data was downloaded by millions

A questionable Android mobile wallpaper app, which collects your personal data and sends it to a mysterious site in China, has been downloaded millions of times, according to data unearthed by mobile security firm Lookout.

That means that apps that seem good but are really stealing your personal information are a big risk at a time when mobile apps are exploding on smartphones, John Hering, chief executive, and Kevin MaHaffey, chief technology officer at Lookout, said in their talk at the Black Hat security conference in Las Vegas.

“Even good apps can be modified to turn bad after a lot of people download it,” MaHaffey said. “Users absolutely have to pay attention to what they download. And developers have to be responsible about the data that they collect and how they use it.”

The app in question came from Jackeey Wallpaper and it was uploaded to the Android Market, where users can download it and use it to decorate their phones that run the Google Android operating system. It includes branded wallpapers from My Little Pony to Star Wars.

“This is something everyone should be vigilant about,” Hering said.

It collects a user’s browsing history, text messages, your phone’s SIM card number, subscriber identification, and even your voice mail password. It sends the data to a web site, www.imnet.us. That site is evidently owned by someone in Shenzhen, China. The app has been downloaded anywhere from 1.1 million to 4.6 million times. The exact number isn’t known because the Android Market doesn’t offer precise data.

The Lookout executives found the questionable app as part of their App Genome Project. Lookout is a mobile security firm and it logged data from more than 100,000 apps as part of the project to analyze how apps behave. It found that the apps access your personal data quite often. On Android, each user is asked if they give their permission to access an app, but on the iPhone, where Apple approves apps, no permission is needed.

The executives also found that many apps use third-party software programs to do things such as feed ads into an app. Often, developers unquestioningly use the software development kits of those third parties in their apps, even if they don’t know what they do. The search through the data showed that Jackeey Wallpaper and another developer known as iceskysl@1sters! were collecting personal data.

Tags: Android, iPhone

Companies: Apple, Google, Lookout

People: John Hering, Kevin MaHaffey









Jul 28, 2010 20:56:56 Organised crime behind 85 per cent of all data breaches
Organised crime accounted for 85 per cent of all data stolen in external attacks on companies, according to a report carried out by Verizon Business in conjunction with the US Secret Service. The 2010 Verizon Data Breach Investigation Report used confidential information logged on the Verizon...
  • Computing - Report shows more insiders involved in cyber crime
  • Computer Weekly - US Secret Service shows business how to fight cyberthreats
  • IT Business Edge - Verizon Business: Organized Crime Behind Most Security Breaches
Jul 28, 2010 14:00:00 Verizon-Secret Service Breach Report Focuses On External Attacks
Insiders were at least partly responsible for nearly half the data breaches investigated by Verizon Business and the U.S. Secret Service in 2009, but external attacks continue to account for an overwhelming majority of records stolen, according to the 2010 Verizon Data Breach Investigation Report. The third annual report is the first to include data from the Secret Service, which accounts for a substantial increase (26 percent) in reported insider attacks over the previous year. However, more than 138 million of the 143 million records stolen were attributed to external attacks, with the balance split about equally between insider compromises and multiple agents, generally a combination of outside attackers working with employees or partners.
Jul 28, 2010 13:32:24 Verizon-Secret Service Breach Report Shows External Attacks Still Worst
Insiders were at least partly responsible for nearly half the data breaches investigated by Verizon Business and the U.S. Secret Service in 2009, but external attacks continue to account for an overwhelming majority of records stolen, according to the 2010 Verizon Data Breach Investigation Report. The third annual report is the first to include data from the Secret Service, which accounts for a substantial increase (26 percent) in reported insider attacks over the previous year. However, more than 138 million of the 143 million records stolen were attributed to external attacks, with the balance split about equally between insider compromises and multiple agents, generally a combination of outside attackers working with employees or partners.
Jul 28, 2010 09:48:41 Consumers, Businesses Have Big Role in Protecting Personal and Financial Information
Jul 28, 2010 08:28:38 Most data breaches tied to the mob, report
Organized criminals were responsible for 85 percent of all stolen data last year according to a report.
Jul 28, 2010 08:15:55 Report shows more insiders involved in cyber crime

Stuart Sumner, Computing, Wednesday 28 July 2010 at 12:41:00

Verizon report shows that 2009 data breaches involved insiders and organised criminals

The 2010 Verizon Data Breach Investigations report, based partly on information provided by the US Secret Service, has found that data breaches in 2009 involved more insider threats, greater use of social engineering and the continued strong involvement of organised criminal groups.

Stolen credentials were the most common way of gaining unauthorised access to organisations last year, highlighting insufficient security practices for individuals and organisations. Organised criminal groups were responsible for 85 per cent of all stolen data last year, the report said.

It also stated that most breaches could have been avoided if basic security measures had been in place. Only four per cent of breaches required difficult and expensive protective measures.

Matthijs van der Wel, managing principal for the forensics team at Verizon, explained how an organisation can detect breaches.

"You find the breaches in the log files," said van der Wel. "Typically where there's a data breach, the number of log lines in the file increases significantly. Or the log lines themselves get much longer, [showing that] someone is attempting an SQL injection."

An SQL or sequel injection occurs when someone maliciously inputs a command into a webform, which could ask the database for a list of usernames and passwords. A poorly written webform will send this command directly to the database where it will be executed.

Van der Wel had the following advice for organisations looking to secure their data from attack:

  • Restrict and monitor privileged users. They should only have access to information where there is a business need. Criminals are increasingly using privileged user information in their attacks, which is hard to trace.
  • Take minor policy violations seriously. Typically in a serious case of insider cyber theft, the insider has a long history of minor violations. This can lead to more serious crimes.
  • Be efficient in removing access privileges from accounts which have been compromised, or where the user has left.
  • Consider newer technology. There is no reason to be working with usernames and passwords in 2010. Two-factor authentication offers a more secure alternative for sensitive information.



Jul 28, 2010 08:15:00 Absolute Unveils Self-Healing Computer Lifecycle Management Solution
Visit StreetInsider.com at http://www.streetinsider.com/Press+Releases/Absolute+Unveils+Self-Healing+Computer+Lifecycle+Management+Solution/5840620.html for the full story.
Jul 28, 2010 08:00:01 Financial Sector Accounted For 94% Of Lost Data Last Year
The banking sector provides the "nearest thing to actual cash for the criminal."
Jul 28, 2010 08:00:00 Stolen Records, Data Prices Decline
Verizon's 2010 Data Breach Investigations Report reveals some surprising shifts in cybercrime.

Jul 28, 2010 06:17:43 Organised crime plots 85 percent of data breaches
Organised criminals were responsible for 85 percent of all stolen data last year and of the unauthorised access incidents, 38 percent of the data breaches took advantage of stolen login credentials, according to the 2010 Verizon Data Breach Investigations ...
Jul 28, 2010 05:47:20 Botnet hacker caught in Slovenia
The FBI described the capture of Iserdo as a 'huge break' in the ongoing Mariposa investigation. A computer hacker known as Iserdo has been arrested in Slovenia. The 23-year-old is believed to have written the programme behind the Mariposa virus, also known ...
Jul 28, 2010 02:33:36 Verizon boosts Australian data-breach team
Verizon Business has tripled the size of its Australian data-breach investigations team to handle a growing number of breaches in Asia-Pacific. Today it launched its Data Breach Investigations report based on global customer data and information last year ...
Jul 28, 2010 00:03:53 2010 Data Breach Report From Verizon Business, U.S. Secret Service Offers New Cybercrime Insights
Jul 27, 2010 11:16:18 Power grid hacking fear grows as industrial-targeted virus emerges
Safety of power plants and distribution in question

Last week's disclosure of a sophisticated malware program targeting control system software from Siemens AG has renewed long-standing concerns about whether the US power grid can withstand targeted cyberattacks. The malware program, called Stuxnet, is designed to exploit a Windows Zero Day flaw to find and steal industrial data from Supervisory Control And Data Acquisition (SCADA) systems running Siemens' Simatic WinCC or PCS 7 software.



Jul 27, 2010 10:30:03 US STOCKS SNAPSHOT-Wall St loses ground after consumer data (at Reuters)
U.S. stocks lost ground on Tuesday, giving up short-lived gains after data showed consumer confidence fell in July to the lowest level since February on worries about the job market.
Jul 27, 2010 10:17:10 Wall St loses ground after consumer data
NEW YORK (Reuters) - U.S. stocks lost ground on Tuesday, giving up short-lived gains after data showed consumer confidence fell in July to the lowest level since February on worries about the job market.


Jul 27, 2010 07:32:23 Citi customers are advised to upgrade iPhone app to evade data breach
On Monday the Wall Street Journal reported a glitch in the mobile banking app provided by Citi for iPhones which causes sensitive information to be stored on the devices or PCs. After this report Citigroup Inc provided a statement where it said that ...
Jul 27, 2010 06:05:00 Industrial virus revives power grid hacking fears
Safety of power plants and distribution in question

Last week's disclosure of a sophisticated malware program targeting control system software from Siemens AG has renewed long-standing concerns about whether the US power grid can withstand targeted cyberattacks. The malware program, called Stuxnet, is designed to exploit a Windows Zero Day flaw to find and steal industrial data from Supervisory Control And Data Acquisition (SCADA) systems running Siemens' Simatic WinCC or PCS 7 software.