SEARCH RESULTS
 
Showing 1-10 of 63 records
 
Expand article

Third Parties Controlling Information

2008-02-27 05:46:46 by schneier in Schneier on Security
 
...regularly disappear -- sometimes within a few days of my linking to them It may be because of a site's policies -- some newspapers only have a couple of weeks on their website -- or it may be more random: Position papers disappear off a politician's website after he changes his mind on an issue, corporate literature disappears from the...
 
Tags: regularly disappear, regularly, disappear, position papers disappear, web bulletin board, web, information, entire websites disappear, internet
 
 
 
 
Expand article

Lost Horizon Blue Cross Blue Shield of New Jersey laptop

The Article has images
2008-02-11 13:52:36 by Evan Francen in The Breach Blog
...regularly works with member data Evan] I wonder how many other employees regularly work with member data on unencrypted laptops Thomas Rubino, director of public affairs for Horizon, said the loss of data resulted from a violation of company security practices, and was being investigated on January 23, 2008, a security feature was initiated...
 
Tags: horizon, horizon bcbsnj takes, horizon bcbsnj, data, medical data, jersey, remotely destroy data, bcbsnj, laptop
 
 
 
 
Expand article

Supporting your family, friends, and neighbors

2008-02-13 17:45:40 by Steve Riley in Steve Riley on Security
 
...regularly through Microsoft Update, which is yet another excellent reason for keeping the automatic update client enabled. Also be sure that you configure them to block images in HTML mail, which are often used for secretly tracking whether someones read a message Dont forget to teach your FFN about basic techniques they can learn to become...
 
Tags: suspicious e-mail message, mail, home computers defense, home computers, e-mail, home, web mail, windows live mail, site
 
 
 
 
Expand article

The Arizona Office of the Auditor General finds plenty of holes

The Article has images
2008-06-23 12:28:27 by Evan Francen in The Breach Blog
...regularly update their lists of applications. They then need to develop and implement procedures for regularly conducting security reviews of their critical Web-based applications. [Evan] Even though it seems like its the same story in company after company, I am still amazed by how many organizations don't know what or how many applications...
 
Tags: information, information security officer, personal information, information security staffs, confidential information, information security, university information, sensitive information, sensitive
 
 
 
 
Expand article

Thwarting a large-scale phishing attack

2007-06-11 11:35:00 by Niels Provos in Google Online Security Blog
 
...regularly and run an anti-virus program. If a cyber-criminal gains control of your computer through a virus or a software security flaw, he doesn't need to resort to phishing to steal your information Use different passwords on different sites and change them periodically. Phishers routinely try to log in to high-value targets, like online...
 
Tags: myspace, myspace profiles, real myspace content, myspace account, attack, dummy myspace account, phishers move, phishers, lower-value sites
 
 
 
 
Expand article

Information flow tracing and software testing

2007-09-17 09:32:00 by Niels Provos in Google Online Security Blog
 
...regularly performed using fuzz testing. As previously discussed on this blog, Srinath's Lemon uses a form of smart fuzzing. Lemon is aware of classes of web application threats and the input families which trigger them, but not all fuzz testing frameworks have to be this complicated. Fuzz testing originally relied on purely random data,...
 
Tags: input, flayer marks, initial input samples, flayer, fuzz, fuzz testers require, checks, dynamic analysis framework, sanity checks
 
 
 
 
Expand article

KimsCrafts e-commerce breach affects 4,500

The Article has images
2007-12-14 16:08:39 by Evan Francen in The Breach Blog
...regularly (after testing Employ a third-party to validate your results and suggest improvements These are the tips off the top of my head. I am sure you can think of more, but this'll get ya started Past Breaches Unknown
 
Tags: kimscrafts, breach, e-commerce, credit file, credit, credit card data, kimscrafts e-commerce site, data, data security firm
 
 
 
 
Expand article

Duke School of Law breach affects 3,200

The Article has images
2007-12-06 11:37:20 by Evan Francen in The Breach Blog
...regularly all along. Unfortunately, there are people affected already What has been done to secure the web site and prevent this from happening again Over the weekend, we moved the site off our web server to allow us to install a completely new operating system and new software. While that was being done, we also reviewed all the data from...
 
Tags: school, duke school, breach, security, comfyllama social security, complete, breach description, complete security scan, security breach
 
 
 
 
Expand article

Passport Canada web site suffers serious breach

The Article has images
2007-12-05 11:51:09 by Evan Francen in The Breach Blog
...regularly ran our own internal pen testing and security assesments as well as contracted a third-party to do so on a semi-annual basis. It just made good, common, business sense. There was no law requiring us to do it, there was not a VISA CISP requiring us to do it, heck there wasn't a SOX or GLBA either! What happened to companies and...
 
Tags: passport canada, information, personal information, passport application information, application, breach, passport application site, passport canada spokesman, significant security breaches
 
 
 
 
Expand article

10 things you should be doing to protect your company against email risks

2007-11-02 23:30:15 by Administrator in Email security & compliance blog
 
...Regularly train users in applying the email