SEARCH RESULTS
 
Showing 1-10 of 80 records
 
Expand article

TRICARE breach affects 4,700 households

The Article has images
2007-12-20 12:15:59 by Evan Francen in The Breach Blog
...claim submitted to TMA Breach Description On November 7th, 2007 Electronic Data Systems (EDS) reported to TRICARE that they had discovered a potential compromise of sensitive personally identifiable information belonging to beneficiaries located in Europe. EDS is an IT contractor for TRICARE and "had not appropriately secured a part of the...
 
Tags: tricare, information, personal information, code review, by-line code review, information security, tricare beneficiaries, beneficiaries, breach
 
 
 
 
Expand article

Security is Everybody's Job

2007-09-18 00:00:00 by Jamie Barnett in Speaking of Security, the RSA Blog and Podcast
 
...claim that the standalone security market was not long for this world. Some in the audience must have thought he was Looney Tunes, making a claim like that at a longtime venue dedicated to all things security. In my role driving integrated solutions of RSA technology and EMC products, I speak with security, IT, and storage professionals...
 
Tags: security, standalone security market, job, information infrastructure products, storage professionals regularly, s-job, looney tunes, art coviello, emc products
 
 
 
 
Expand article

Identity Framework Probable Feature List

The Article has images
2007-12-16 06:42:00 by Keith Brown in Security Briefs
...claims your STS can issue (you have to generate a list of claim URIs that you will be issuing This is helpful for issuing managed cards, which need to specify which claims an IdP supplies What claims should be issued for a given user request, which consists of Information about the target relying party (AppliesTo), which is not always known...
 
Tags: informationcard login control, login control, information card serializer, information, control, user authentication methods, user, custom sts, card
 
 
 
 
Expand article

Authorization vs. Business Logic

2008-01-09 05:37:00 by Keith Brown in Security Briefs
 
...claim in order to be able to call a method, then it's easy to factor out that type of logic. This is what WCF's ServiceAuthorizationManager is all about, for example But it's not always that easy, is it? What if you want the outcome of the method to be slightly different depending on the user's security context? Perhaps you're going to use...
 
Tags: business logic, logic, authorization, authorization logic, factor, method, easily factor, security context, security
 
 
 
 
Expand article

Warming the cold boot a bit of braggin from BitArmor

2008-02-28 13:17:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...claim the attack is so esoteric, the customer need not worry this is just research stuff Leave it to us approach: Some claim to have solved the problem, but with no indication of what that means or how they do it Increase your complexity approach: Some want you to increase the end-user complexity with process and unnatural actions to solve...
 
Tags: approach, happy approach, disk encryption products, disk encryption, complexity approach, bitarmor, disk encryption technologies, researchers, princeton researchers
 
 
 
 
Expand article

From warzones to strip clubs, the truth comes out for a former First Lady and a Pastor.

2008-03-30 20:57:00 by John Sexton in The Bullet Proof Blog
 
...claiming to have come under sniper fire during a photo op. in Bosnia. On Thursday, Michael Dobbs once again awarded Senator Clinton another "poker" of Pinocchios This time she took heat for claiming that her trip to Bosnia was the first visit to a "war zone" by a first lady since World War II. Her claim is considered completly inaccurate,...
 
Tags: senator clinton, sniper fire, avoid sniper fire, role models, war zone, lady, pastor, air force col, persian gulf war
 
 
 
 
Expand article

Hannaford Supermarkets

The Article has images
2008-03-22 12:27:00 by Random InfoSec Guy in Security Coin
...claim to be certified as compliant with PCI DSS. So what value does the certification hold Instead of saying PCI is worthless, lets step back for a minute and think about this. If this was an inside job, PCI Co can't be blamed. Also, as it stands today, the QSAs/ASVs can claim that their assessment was a point in time and as such, they...
 
Tags: card, debit card, pci, track data, pci dss, data, hannaford supermarkets, hannaford, pci compliant
 
 
 
 
Expand article

My RSA trip is off to a terrible start

2008-04-07 04:22:02 by HASH0x8b890c0 in StillSecure, After All These Years
 
...claim. I wait another 30 minutes for all of the luggage to come off the plane and don't you know it, my luggage with the big priority tag they put on it is not on the plane. I stand on another line to make another claim. They tell me that the first flight in tomorrow is due in at 10:58 am, I might have my luggage by noon if I am very lucky....
 
Tags: plane, flight home, flight, san fran, minutes, luggage, 1am pacific time, pacific, trip
 
 
 
 
Expand article

Index on Censorship: Shifting Borders

2007-12-18 11:23:50 by Steven J. Murdoch in Light Blue Touchpaper
 
...claim that the Internet is free from barriers. They exist, and while often aligning with national boundaries they are hopefully lower However, the changing nature of the end-to-end principle is increasing the significance of barriers that stem from industry structure which companies are hosting controversial information, where they do...
 
Tags: censorship, internet censorship, internet, article, nart villeneuves article, journal index, journal, ross anderson, national boundaries
 
 
 
 
Expand article

Maryland Department of Assessments & Taxation web exposure

The Article has images
2008-01-05 14:02:15 by Evan Francen in The Breach Blog
...claim the risk of exp