Over the summer we initiated what turned out to be a pretty darn big data security survey. The primary goal of the survey was to assess what data security controls people find most effective, as well as get a better understanding of how they are using the controls, what’s driving adoption, and a bit on…
Large collection of stolen logins go public
Christopher Boyd blogs: Below is a rather bland FarmVille phish that was brought to my attention by a friend who had it posted to their Facebook account. The entire page is blank save for the fake login. […] Nothing spectacular, I’m sure you’ll agree. However, we did a little digging around on the same URL…
UK: Pair who ran Hornsey Road illegal credit card factory jailed
Tristan Kirk reports: Two fraudsters who ran a lucrative credit card factory from a flat in Haringey have been jailed today. Gabriel Yew and Cheng Chee Weng set up the operation in Hornsey Road, producing bogus bank cards using at least 700 stolen account numbers. When police raided the flat earlier this year, they discovered…
Could Chat Transcripts Be Security Minefields?
I’ve linked to a number of Evan Schuman’s wonderful articles from databreaches.net, but this article is particularly relevant to this site. Evan writes: When Rite-Aid and Walgreens both announced pharmacist chat programs last month, they were the latest chains to try and use chat to get closer to their customers. But, ironically, the preservation of chat…
In: National ID card project subject to court order
Meanwhile, back in the world of future breaches, a court seemingly decides that it’s okay to go ahead and purchase technology to produce national ID cards that might produce substandard and insecure cards: The High Court on Tuesday held that implementation of a multipurpose national identity card scheme will be subject to the final outcome…
Cyber security challenge organisers in email privacy blunder
John Leyden reports: Organisers of the UK’s cyber security challenge committed an embarrassing email blunder by inadvertently revealing the email addresses of everyone who entered a forensics challenge to each other. A single challenge registration confirmation was CCed to everyone who entered, handing over a complete email list in the process. Read more in The Register.