Following up on yesterday’s post on the time to detect hackers inside your systems, a new report today says that about half of the websites of retail and healthcare businesses are always vulnerable, mostly because of slow remediation rates. WhiteHat Security’s report (see article) says that 47% of applications tested had cross-site scripting […]
Larry Ponemon just released a study that shows that the dwell time – the time between the attacker getting in and the business detecting it – is 100-200 days, depending on the industry. Many of the respondents said that they are not optimistic about improving this in the next year. Given that, incident response is […]
This month a number of smaller banks attempted to derail the agreement between Target and Visa because, they said, the way Visa allocated the money, they got almost nothing (see post). Magically, after the judge said that he did not like the agreement but that he could not do anything about it, Visa agreed […]
The IAPP published a 10-part series on vendor management. A vendor was the cause of both the Target and Home Depot breaches and, as I wrote yesterday, a vendor cost USIS at least $2.5 billion in lost business. How good is your vendor management program? Here are a few tips from the series: You may […]
USIS, a firm that used to do background checks for the U.S. Government, was hacked in 2013. They did not provide many details of what happened, but the government cancelled $2.5 Billion in contracts and they laid off 2,500 employees. It also pushed the parent company dangerously close to default on $2 Billion in loans […]
Brian Krebs reported that the company mSpy was hacked. mSpy builds a software product that runs in the cloud and allows parents to spy on their kids and adults to spy on their (cheating) significant others. That data is stored in the cloud, and now, hundreds of gigs of their customers’ photos, appointments, corporate emails […]