January 23, 2012 - In an escalation of the tendency to require companies to be forthright with their users following a breach, a proposed European Union bill intended to overhaul a 17-year-old law is making progress. This week the EU will outline the overhaul (continue reading...)
January 17, 2012 - We read that Zappos.com was breached on Sunday, to the tune of 24+ million users’ worth of information. But it seems at first blush they responded well. Of course, a company would hope to never have a breach at (continue reading...)
January 12, 2012 - We've noted the often staggering fees associated with a credit card breach, normally accompanied by a slew of bad press. We've seen Stratfor, in light of their recent hack, dealing with public exposure issues due, in part, to (continue reading...)
December 30, 2011 - Newton's 3rd law is often stated as "for every action there is an equal and opposite reaction." What Newton actually said is a little more complex* than that, but this article isn't about physics (or else I'd leave (continue reading...)
December 29, 2011 - Recently we noted that unencrypted credit card storage was on the rise in 2011, and also highlighted the expense involved to the company in the event of a credit card breach. Now we see personal data – including (continue reading...)
December 19, 2011 - We’ve noted recently that many companies store credit card information in an unencrypted form, sometimes several years' worth. So what happens if your systems get hacked before you get around to securing that credit card data? Sure, there’s the (continue reading...)
December 14, 2011 - In 2011 we saw an increased concern about, and scrutiny of, what exactly social networking sites do with the data you input, both internally as well as what gets shared with third parties. But in 2012 some of that scrutiny (continue reading...)
December 13, 2011 - More websites stored unencrypted credit card payment information than ever this year, according to a recent report. I thought we had this figured out? Obviously this is a direct violation of the Payment Card Industry Data Security Standard (PCI DSS) (continue reading...)
December 1, 2011 - Recently we see allegations that CarrierIQ is quietly collecting more information than Android users bargained for. In one case, Trevor Eckhart thinks he proved that they register users’ keystrokes without the users’ knowledge for reasons subject to ongoing speculation. (continue reading...)
November 29, 2011 - SophosLabs has been tracking an increase in targeted attacks focused on hospitality and education organizations. The malware steals credit card data directly from memory for later retrieval by the criminals involved.
November 14, 2011 - Well, okay, if you happen to be an extremely fast reader. The Association of Anti Virus Asia Researchers’ (AVAR) 14th AVAR Conference just wrapped up in Hong Kong on Friday. This year, the focus was on security issues in (continue reading...)
November 14, 2011 - Months back a rather vocal series of micro-hacktivist groups formed a somewhat larger, more vocal pseudo-organized non-organization ruled essentially democratically via IRC (among other things), attempting to cast light on perceived misdeeds by the large corporation (or government organization) du jour (continue reading...)
November 3, 2011 - Recently, a new data-stealing worm caught our attention. The reason why it stands out from many similar amateur creations is that its author is most probably Czech, as the text strings, variable and function names used by the malware suggest. (continue reading...)
November 1, 2011 - A while back we posted findings of a Harris poll showing public perception of Internet security, with some interesting results. This time we take a look at whether respondents perceive that the Government and/or their schools have an implicit responsibility, or (continue reading...)
October 14, 2011 - A recent report from Commtouch finds about one third of Gmail, Yahoo, Hotmail and Facebook users even noticed when they were hacked, and more than half found out later after friends alerted them. This lag time provides a wide (continue reading...)
September 30, 2011 - Actually $26, according to a study conducted by Argonne National Laboratory in Illinois, which was able to hack a Diebold voting machine with “about $26 and an 8th-grade science education.” In light of the rapidly approaching 2012 U.S. Presidential (continue reading...)
September 23, 2011 - This morning we recorded a podcast posing the question “can legislation solve cybercrime?” Well, The Senate Judiciary Committee seems eager to play a part, passing a measure yesterday attempting to thwart computer attacks. Measure S.1151 sets a national standard for (continue reading...)
September 22, 2011 - Since 2010 that is, following a law enacted in 2007 that requires all companies doing business in Massachusetts to inform consumers and state regulators about security breaches that might result in identity theft. Attorney General Martha Coakley’s office (continue reading...)
September 15, 2011 - Following the recent spree of data breaches at Sony, resulting in a bevy of class-action lawsuits, Sony has updated its Terms of Service to preclude future class-action suits from being leveled. To be sure, Sony has had sleepless nights (continue reading...)
September 13, 2011 - What happens after you share data online, and others re-share it, etc.? As data becomes increasingly inter-connected, with multiple parties touching the same data, Internet users are starting to wonder: who DOES have access to their data? Are they acting (continue reading...)