SEARCH RESULTS
 
Showing 1-10 of 20 records
 
Expand article

42,000 West Penn Allegheny Health System Patients

2007-12-28 17:06:00 by Evan Francen in The Breach Blog
 
Technorati Tag: Security Breach Date Reported 12/17/07 Organization West Penn Allegheny Health System Contractor/Consultant/Branch None Victims Home care and hospice patients Number Affected 42,000 Types of Data Names, Social Security numbers, phone numbers, addresses and patient care information Breach Description On November 24th, 2007...
 
Tags: sensitive personal information, personal information, information, nurse, home care nurse, patients, home, information warrants, computer
 
 
 
 
Expand article

PCI Compliance not going away - 42% not compliant

2008-02-20 14:57:00 by Ryan Shopp in practical risk management
 
My inbox, like yours, is filled with numerous advertisements and spam on a daily basis, but this one actually grabbed my attention! It started out by saying according to VISA, 42% of large and medium-sized US merchants did not reach their respective PCI compliance deadlines. The penalty of non-compliance is merchants incur monthly fines (up to...
 
Tags: compliant, completely compliant, daily basis, virtual seminar, attention, survey results, merchants, numerous advertisements, half
 
 
 
 
Expand article

HACKED BY THE RBN!

The Article has images
2008-04-01 15:52:09 by HASH0x8b24a94 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
The RBN 0wnZ 7th1$ Bl0g! April 1st, 2008, St.Petersburg, Russia. The Russian Business Network, an internationally renowned cyber crime powerhouse is proud to present its very latest malware cocktail by embedding live exploit URLs within one of the top ten blogs to be malware embedded due to their overall negative attitude regarding the RBN's...
 
Tags: 42jdk7dx, 42jdk7dx pinch, 42jdk7dx system, 42jdk7dx ldig0031242, 42jdk7dx inst250, 42jdk7dx bhos, 42jdk7dx win32, exe, 42jdk7dx bho
 
 
 
 
Expand article

Setting file ACLs with PowerShell part 4

2007-11-29 09:34:00 by Keith Brown in Security Briefs
 
In part 3 , I walked through the following line of code newRule = New-Object Security.AccessControl.FileSystemAccessRule "keith", Modify, Allow I pointed out how the "Modify" was automatically converted into an enumeration value, promising that I'd talk more about enumerations later. Well, this value comes from the...
 
Tags: values, invalid enumeration values, enumeration, enumeration values, new-object security, object, powershell, invalid cast exception, cast
 
 
 
 
Expand article

Blue Box #68: Top 14 VoIP Vulnerabilities, Asterisk security, VoIP hacker, IMS, P2P, Skype, industry moves, VoIP security news, listener comments and

2007-10-27 14:33:10 by HASH0x8473034 in Blue Box: The VoIP Security Podcast
 
Synopsis: Blue Box #68: Top 14 VoIP Vulnerabilities, Asterisk security, VoIP hacker, IMS, P2P, Skype, industry moves, VoIP security news, listener comments and more Welcome to Blue Box: The VoIP Security Podcast #68, a 46-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3,...
 
Tags: security, voip security news, asterisk, asterisk security, comments, sellsupport asterisk, skype, listener comments, listener comment line
 
 
 
 
Expand article

Blue Box #68: Top 14 VoIP Vulnerabilities, Asterisk security, VoIP hacker, IMS, P2P, Skype, industry moves, VoIP security news, listener comments and

2007-10-03 06:00:00 by Dan York in Blue Box: The VoIP Security Podcast
 
Synopsis: Blue Box #68: Top 14 VoIP Vulnerabilities, Asterisk security, VoIP hacker, IMS, P2P, Skype, industry moves, VoIP security news, listener comments and more Welcome to Blue Box: The VoIP Security Podcast #68, a 46-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3,...
 
Tags: security, voip security news, asterisk, asterisk security, comments, sellsupport asterisk, skype, listener comments, listener comment line
 
 
 
 
Expand article

Pushdo - Web Based Malware as Usual

The Article has images
2007-12-19 18:01:44 by HASH0x89b80bc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Interesting assessment , especially the explanation of the GET variables, however, such descriptive use of POST variables to a malware's C&C server have been around for the last couple of years. What has logically changed is the added layer of obfuscation and complexity to make it hard to assess what does such a URL actually mean The malware...
 
Tags: malware, web based malware, pushdo, botnet masters circa, botnet masters, nuclear malware kit, botnet, pushdo author, botnet communication platforms
 
 
 
 
Expand article

Massive IFRAME SEO Poisoning Attack Continuing

The Article has images
2008-03-27 21:12:29 by HASH0x8b4fa7c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Last week's massive IFRAME injection attack is slowly turning into a what looks like a large scale web application vulnerabilities audit of high profile sites. Following the timely news coverage , Symantec's rating for the attack as medium risk, StopBadware commenting on XP Antivirus 2008 , and US-CERT issuing a warning about the incident, after...
 
Tags: massive, single massive seo, profile sites, profile sites iframe, attack, seo, malware, malware attack, massive blackhat seo
 
 
 
 
Expand article

66.1 Host Locked

The Article has images
2007-11-28 16:13:28 by HASH0x89e99bc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Having found a static pattern for identifying a Rock Phish domain a couple of months ago in the form of the bogus " 209 Host Locked " message, the Rock Phishers seems to have picked up the finding and changed the default domain message to "66.1 Host Locked" as of recently. Here are the very latest Rock Phish domains using this ...
 
Tags: email, email service provider, email service, provider, responsibility, brand, internet service provider, default domain message, senders isp