SEARCH RESULTS
 
Showing 1-10 of 24 records
 
Expand article

Hannaford and Sweetbay supermarkets announce compromise of 4.2 million credit and debit cards

The Article has images
2008-03-18 00:07:06 by Evan Francen in The Breach Blog
...transmission of card authorization Evan] Their information security is "among the strongest in the industry"? Here is a hint as to how the information was illegally obtained, "during transmission of card authorization The intrusion affected Hannaford stores, Sweetbay stores in Florida and certain independently-owned retail locations in the...
 
Tags: credit, hannaford, breach description, breach, credit-card data breach, carry hannaford products, information, personal information, information security
 
 
 
 
Expand article

Hannaford Supermarkets

The Article has images
2008-03-22 12:27:00 by Random InfoSec Guy in Security Coin
...transmission of card authorization Huh No personal information such as names or addresses was accessed If that is the case, the authorizations should fail for most transactions of medium to high value when those numbers are reused since they don't have the name (I say most - because most auth engines typically use a complicated formula...
 
Tags: card, debit card, pci, track data, pci dss, data, hannaford supermarkets, hannaford, pci compliant
 
 
 
 
Expand article

Maryland Department of Assessments & Taxation web exposure

The Article has images
2008-01-05 14:02:15 by Evan Francen in The Breach Blog
...transmission lines from a specific location Evan] Not nearly impossible Somebody would have had to been focused in on that site," Mr. Young said. "The chances of that are virtually nil Evan] I do agree that the risk is relatively low, I do not agree that an attacker would have to have "been focused in on that site" in order to capture the...
 
Tags: maryland, sensitive personal information, personal information, secure server hadhas, server, web application server, application, information, information security
 
 
 
 
Expand article

PCI Data Collection: Your CVV isn't special

2007-08-22 00:00:00 by Manju Mude in Speaking of Security, the RSA Blog and Podcast
 
...transmission or customer service needs. Additionally, an extremely limited number of them may even have to collect CVV2 information, to ease the customer experience. PCI is very clear about forbidding the storage of PIN and CVV2 information and most merchants understand that this will cause serious problems in their audit results if they...
 
Tags: collect cvv2 information, cvv2 information, information, collect, store card data, competitive business edge, encrypt data, audit results, customer experience
 
 
 
 
Expand article

Wrapping up Threat Modeling

2008-02-14 22:51:35 by sdl in The Security Development Lifecycle
 
...transmission handles them for you. In my approach, this relates pretty closely to the concept of flow. If youre so focused on rules and jargon, you cant focus on what you should be building. Cool, well-designed features to help your customers In Conclusion We started this series by looking at the trouble with threat modeling. How people had...
 
Tags: threat, threat modelers, threat models, threat model, design, design specification, specification, set, challenges set people
 
 
 
 
Expand article

Hacking Medical Devices

2008-03-12 10:39:59 by schneier in Schneier on Security
 
...transmission ranges than Maximo also had enhanced security St. Jude Medical, the third major defibrillator company, said it used "proprietary techniques" to protect the security of its implants and had not heard of any unauthorized or illegal manipulation of them Just becuse you have no knowledge of something happening does not mean it's not...
 
Tags: devices, security, malicious security attack, cardiac, security risks, dangerous cardiac events, risks, icd incapable, icd
 
 
 
 
Expand article

Intrusion at Okemo Mountain Resort exposes customers

The Article has images
2008-04-01 20:44:59 by Evan Francen in The Breach Blog
...transmission of confidential information Okemo has been advised by Federal law enforcement officials that the matter is currently under investigation Okemo will provide updates on this incident on its website: www.okemo.com. For further information or assistance, cardholders are encouraged to call the following Toll Free Number,...
 
Tags: okemo, okemo mountain resort, okemo leadership, okemo ridge road, evan okemo, okemo promptly, evan, data, credit data
 
 
 
 
Expand article

Wi-Fi Group Finalizes Latest Wireless Flavor

2008-04-01 08:22:21 by Glennf in Wi-Fi Networking News
 
...transmission then become limited to the extent of the wired network--which will improve throughput and range. (A future standard might allow passive powering of lightweight devices from Ethernet, which is a neat reversal This is in the same category of new convergent standards such as Bluetooth over 802.11 and FireWire (IEEE 1394) over IEEE...
 
Tags: wi-fi, woe, wi-fi beats woe, wi-fi alliance, ethernet, ethernet network, woe-capable wi-fi systems, wi-fi signals, wi-fi signal
 
 
 
 
Expand article

RSA Impressions - 3: CTO Panel

2008-04-09 10:21:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...transmission" and run to that meeting About me: http://www.chuvakin.org
 
Tags: security, security bloggers, infrastructure- security, security defenses, fun security implications, security team, data criticality, data, data loss
 
 
 
 
Expand article

Hundreds of WiseBuys customers are victims of credit card fraud

The Article has images
2008-04-26 21:01:56 by Evan Francen in The Breach Blog
...transmission and that this is not an inside job. I am also going to say that this was not related to the Hannaford breach. I didn't exactly go out on a limb with my speculation, but I did speculate nonetheless Past Breaches Unknown
 
Tags: credit card, credit, wisebuys, credit union, credit union absorbs, credit issuer time, canton wisebuys store, report credit, credit card companies