SEARCH RESULTS
 
Showing 1-10 of 34 records
 
Expand article

Backup tape is stolen from Bristol-Myers Squibb

The Article has images
2008-07-18 11:26:26 by Evan Francen in The Breach Blog
...subsequent forensic work, it was determined that the data tape included personal information of current and former BMS employees Reference URL Pharmalot (copy of notification letter Pharmalot CNNMoney Report Credit Ed Silverman, Pharmalot Response From the online sources cited above The drugmaker sent letters over the past week saying a...
 
Tags: tape, back-up data tape, data tape, owner, data owner, data, bristol-myers squibb, information, personal information
 
 
 
 
Expand article

Auditing open source software

2007-10-08 16:13:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...subsequent additional integer overflow in the allocation of a buffer leads to a heap-based buffer overflow gunzip . In September 2006, my colleague Tavis Ormandy reported some interesting vulnerabilities in the gunzip decompressor. They were triggered when an evil compressed archive is decompressed. A lot of programs will automatically pass...
 
Tags: image, malicious image file, libtiff image, values, jpeg image, tiff header values, source, evil tiff file, evil
 
 
 
 
Expand article

REAL ID continues to have 'real' challenges

2007-06-18 00:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast
 
...subsequent legislation all were ostensibly aiming for the same thing: preventing the use of a fraudulent driver's license by terrorists through the development of safeguards that would help prevent tampering and use of such a document for false identification -- and that would also enable more effective and trustworthy authentication of...
 
Tags: real, fraudulent driver, additional food, subsequent legislation, identity card, false identification, trustworthy authentication, recommendation, law
 
 
 
 
Expand article

July 2007 - Operating System Vulnerability Scorecard

The Article has images
2007-08-16 22:47:26 by jrjones in Jeff Jones Security Blog
...subsequent scorecards Novell, in a similar but different move, created a new psdb page for their version Enterprise Linux v10 SP1 products. At first, I thought they had not released any patches since mid-June. Nope. Let me give you details. If you want to see Patches for SLES10 for 2007, they're here:...
 
Tags: server, linux server builds, server charts, charts, ytd charts, non-linux products, linux products, linux products comments, common server roles
 
 
 
 
Expand article

Reliability Vs. Security

2007-12-07 16:46:00 by sdl in The Security Development Lifecycle
 
...subsequent recovery). With reliability, the pain is often less intense but occurs more frequently and over longer periods of time; its those annoying little bugs that waste time and force awkward work-arounds. You can pull the band-aid off all at once or endure it a little at a time. The pain is equally unacceptable There is one point I will...
 
Tags: folks, reliability folks deal, reliability, reliability folks, security, bugs, reliability bugs, reliability analysis, software reliability
 
 
 
 
Expand article

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...subsequent child processes and associated threads. When an exception occurred, the first version of this tool simply logged the file that caused the exception along with associated details such as the timestamp, exception code, exception address, stack trace and dump file. More recent versions have included the ability to monitor for CPU and...
 
Tags: chance exceptions, exceptions, exception handler, exception, divide-by-zero exception, exception code, triage process, process, first-chance exceptions
 
 
 
 
Expand article

Stolen laptop contained unencrypted Fallon Community Health Plan information

The Article has images
2008-01-25 11:54:27 by Evan Francen in The Breach Blog
...subsequent investigation has proven this to be false Reference URL Worcester Telegram Boston Herald story Boston Business Journal story Report Credit Bob Kievra, Worcester Telegram & Gazette Response From the online sources cited above Fallon Community Health Plan said this afternoon the names, dates of birth and Medicare identification...
 
Tags: information, sensitive personal information, fallon, protect confidential information, accesses confidential information, fallon senior plan, senior plan, confidential information, unknown vendor
 
 
 
 
Expand article

Stolen laptop contained Centocor speaker-consultant information

The Article has images
2008-01-29 11:08:47 by Evan Francen in The Breach Blog
...subsequent investigation conducted by Centocor, one of the missing computers likely contained a file which included the name, city/state and social security/tax identification numbers of a number of people engaged by Centocor one of the laptops likely contained a file with information that was intended for management of our National Faculty...
 
Tags: centocor, information, evan centocor, evan, time centocor, centocor facilities, facilities, centocor laptops, laptops
 
 
 
 
Expand article

Workflow Services Context

2008-02-14 13:35:00 by Keith Brown in Security Briefs
 
...subsequent request so that further requests can be routed back to the same workflow instance That's all well and good, but what if you want to contact an *existing* workflow? You'll need to communicate the workflow instance id to the channel manually. This is possible by querying the channel's context. You'll need to add a reference to...
 
Tags: workflow, guid instanceid, guid, workflow instance, channel, instance, instanceid, instanceid guid, context
 
 
 
 
Expand article

Killing spree at Omaha mall

2007-12-08 18:03:00 by John Sexton in The Bullet Proof Blog
 
...subsequent lawsuits are very likely to far outweigh those additional security costs While we are talki