Michael Mimoso reports: The 2015 Verizon Data Breach Investigations Report (DBIR) did some mythbusting on two fronts: the estimated cost per record lost in a breach is much lower than reported elsewhere; and mobile malware is a no-go. The DBIR is Verizon’s annual data dump collected from breaches it has investigated, along with contributed data from…
Category: Commentaries and Analyses
Oh, to be a fly on the wall (Crime Stoppers breach update)
If you read my post about the hack involving three Canadian chapters of Crime Stoppers, or if you follow me on Twitter (@pogowasright), you know that I’ve had a frustrating time trying to alert those chapters that they’ve been hacked and need to secure their data better. In the interim, as I browsed the pastes of the hacked data (which…
TeaMp0isoN reveals schools’ vulnerabilities
Reading @_TeaMp0isoN_’s Twitter timeline last night and this morning was somewhat disheartening. Tweet after tweet identified vulnerabilities that would enable hackers access to universities’ sites. For each school named, TeaMp0isoN indicated the type of vulnerability they had found and the vulnerable url. In some cases, if the university has a Twitter account, TeaMp0isoN included their Twitter account…
Education Sector Struggles With Botnets: BitSight
As this blog makes painfully clear, the education sector struggles with data security and lags way behind other sectors, in my opinion. Now a new report indicates another area of security where they’re lagging. Brian Prince reports: The education industry – which includes education companies, schools and colleges – brought up the rear in a new…
Why we can’t have nice things, Friday edition
Then I saw this: Big OPSEC fail by #TV5Monde pic.twitter.com/ioLGcbVKNg — pent0thal (@pent0thal) April 9, 2015 Passwords on the wall… That’s why we can’t have nice things. — pent0thal (@pent0thal) April 9, 2015
Personal data of people who never even applied to Auburn University was also exposed in breach
The Auburn University breach involving the exposure of information just got worse, in my opinion. Erin Edgemon reports that some of the people who had their data exposed not only never attended Auburn, but never even applied there. Not surprisingly, they would like to know how Auburn got personal information about them that wound up exposed. But Auburn reportedly…