Scott Dance reports: Nearly a year after a massive data breach at the University of Maryland, state auditors say the campus network is still vulnerable to hackers — in part because gaps they identified five years ago remain. While patching those holes would not have prevented the breach, auditors and university officials said Wednesday, some…
Category: Commentaries and Analyses
Widespread Employee Access to Sensitive Files Puts Critical Data at Risk – Survey
From the press release: Despite a growing number of data breaches occurring under the glare of the public spotlight, 71 percent of employees in a new survey report that they have access to data they should not see, and more than half say that this access is frequent or very frequent. As attention shifts from…
Report finds Colorado state computers vulnerable to hacker attack
Chris Halsne reports: A just-released audit finds that Colorado state computer systems are vulnerable to a cyber attack. The report mirrors the results of a year-long FOX31 Denver investigation. We found gaping holes in security, some of which exposed the Social Security and bank account numbers of state employees and contractors. Monday, the State Auditor’s Office blamed the…
A Breakdown and Analysis of the December, 2014 Sony Hack
Risk Based Security (RBS) has posted a chronology and detailed analysis of the data dumps to date in the Sony hack. This is a must-read article for journalists or those interested in the scope of data types involved.
Toward a Breach Canary for Data Brokers
It wouldn’t prevent breaches, but having data brokers incorporate dummy identities in databases (“canaries”) might make it easier to figure out when a data broker’s database has been compromised and when their stolen information goes up for sale on the underground, Brian Krebs writes. Getting Congress off the dime to do something about data brokers has…
Bank account takeovers could be thwarted by blocking Tor – Treasury report
Brian Krebs reports: A new report from the U.S. Treasury Department found that a majority of bank account takeovers by cyberthieves over the past decade might have been thwarted had affected institutions known to look for and block transactions coming through Tor, a global communications network that helps users maintain anonymity by obfuscating their true location online. Read…