1. HCISPP℠ – HealthCare Information Security and Privacy Practitioner

      As the rapidly evolving healthcare industry faces increasing challenges to keeping personal health information protected – including growing volumes of electronic health records, new government regulations, and a more complex IT security landscape-here is a growing need to ensure knowledgeable and credentialed security and privacy practitioners are in place to protect this sensitive informati…Read More

  2. Penetration Testing vs. Vulnerability Assessment

    In the past few days, months and indeed years many people have approached me and asked me a very simple question… But bare in mind that this simple question was and indeed it is a still a big dilemma between many professionals in IT security, cyber security, management, decision-makers, policy, etc.  Thereby, the question is: What is the difference between Penetration testing and Vulnerability …Read More

  3. WEAKNESS IN ANDROID AD CLIENT INMOBI PUTS 2.5 BILLION DOWNLOADED APPS AT RISK

    “They are aggressive at collecting sensitive data, embedding functionalities and capabilities to perform dangerous operations such as downloading and running new code on demand, and they are also plagued with various classes of vulnerabilities that enable attackers to turn their aggressive behaviors against users,” researchers, Yulong Zhang, Hui Xue, Tao Wei and Dawn Song wrote today on the co…Read More

  4. Time To Float Your Business Up Into The Cloud?

      One of the biggest buzzwords being used right now is “the cloud.”  So, what is the cloud? There are many different definitions you can find, but for the small business owner it means essentially outsourcing your IT infrastructure (possibly including applications, servers, data storage, etc) remotely.  Why would you move to the cloud?  The most commonly cited reasons are focused upon the …Read More

  5. Encrypted PIN Data Stolen in Target Breach

    Target confirmed this morning that encrypted PIN data was stolen in the Black Friday data breach that exposed 40 million accounts to fraud. Spokesperson Molly Snyder said the ongoing forensics investigation confirmed that PIN data was accessed as well, contrary to previous claims made by the retail giant. “We remain confident that PIN numbers are safe and secure,” Snyder said in a statement. …Read More

  6. Target Suffered Massive Data Breach; 40M Cards Accessed

    UPDATE – TJX and Heartland Payment Systems may soon have company atop the list of the worst retail data breaches in U.S. history after reports surfaced that Target Corp. was breached around Black Friday and millions of credit and debit cards were stolen. Target confirmed the breach this morning and in a statement said 40 million credit and debit cards were accessed starting the day before Thanks…Read More

  7. Poor Patching, Communication Facilitated July Dept. of Energy Breach

    The U.S. Department of Energy has thrown back the covers on a July breach that exposed the personal information of more than 104,000 individuals, painting a less than flattering portrait of IT and agency management failures around vulnerability management, access controls and a general lack of communication between decision makers. Hackers were able to penetrate a Web-facing application and steal …Read More

  8. Half Million Users Affected in JP Morgan Ucard Data Breach

    An attack on the computer networks of banking giant JP Morgan Chase & Co. may have exposed sensitive information belonging to 465,000 prepaid cash-card holders, according to a Reuters report. JP Morgan said the attack targeted Web servers handling its Ucard program in mid-September and that the company has since remedied the underlying flaws that led to the breach and contacted law enforcement…Read More

  9. 4.6 Million Snapchat Usernames, Partial Phone Numbers Leaked in Breach

    It didn't take long for hackers to exploit a previously disclosed vulnerability in the popular photo sharing application Snapchat. As yet unidentified hackers spent yesterday's New Year's holiday dumping 4.6 million of the service's usernames and partial phone numbers and posting them online for the public to peruse. The site that was hosting the slew of information, SnapchatDB.info, remains offli…Read More

  10. University of Washington Medicine Spills Patient Data

    After opening a malicious attachment in a phishing email, an employee at University of Washington Medicine in Seattle may have exposed the personal information of more than 90,000 Harborview Medical Center and University of Washington Medical Center patients. The breach took place in October. According to a press release on the UW Medicine website, upon opening the malware-laden attachment, the un…Read More