Category: Commentaries and Analyses

Robert McMillan reports: If you’re a criminal looking for full control of the Web used by the U.S. Army’s Communications-Electronics Command (CECOM), you can get it for just under US$500. At least that’s what one hacker is offering in underground forums. Security vendor Imperva found the black market sales pitch Thursday and posted details of…

Over on The New School of Information Security, Adam has a post that those of us who report on breaches or comment on the impact of breaches need to read, and  I do encourage everyone to watch the video and read his entry.  The bottom line of his post is that security breaches do not…

From the Internet Crime Complaint Center (IC3): Recent FBI analysis reveals that cyber criminals engaging in ACH/wire transfer fraud have targeted businesses by responding via e-mail to employment opportunities posted online. Recently, more than $150,000 was stolen from a US business via unauthorized wire transfer as a result of an e-mail the business received that contained malware. The…

Tracy Kitten writes: Forty-six states have breach-notification laws on the books, but no law is the same, and enforcement is weak. In 2011, as malicious breaches continue and the sophistication of cyberattacks increases, Foley, co-founder of the non-profit Identity Theft Resource Center, says it’s time for a national breach notification law. “This would be easier…

Max Smith reports: If you live or work in Maryland, your personal information; including tax forms, license applications and state payroll details, are on file in the Maryland Comptroller’s office, and an audit has found its systems should be more secure. The legislative audit found that software security and access controls were inadequate, with 84…