It is common, if not automatic, for companies that have their information systems breached to offer credit monitoring services, and this includes medical record breaches. Consumers can also pay companies like Lifelock to provide the same services. The question is do they work and the answer is, for the most part, not really. Brian Krebs […]
Continue reading → [DISPLAY_ACURAX_ICONS]Larry Ponemon surveys companies every year to see how cost of dealing with breaches is trending. This year shows, among other things, that it costs companies an average of $217 per record breached. That means, on average, a small breach of say 10,000 records still costs $2 million. If you assume his numbers are high, […]
Continue reading → [DISPLAY_ACURAX_ICONS]Another day, another software supply chain exploit. This time, Zytel and D-Link have confirmed that their routers have the bug, but researchers think products from Netgear, TP-Link, Trendnet and other vendors are vulnerable. Already 90 plus products from more than 20 vendors have been potentially identified as vulnerable. Only TP-Link has announced a patch. The […]
Continue reading → [DISPLAY_ACURAX_ICONS]Following up on yesterday’s post on the time to detect hackers inside your systems, a new report today says that about half of the web sites of Retail and Healthcare businesses are always vulnerable, mostly because of slow remediation rates. WhiteHat Security’s report (see article) says that 47% of applications tested had cross site scripting […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last week the FBI and DoJ testified before the House Committee on Oversight and Government Reform Subcommittee on IT, asking for an encryption back door (or as the NSA has said they prefer, a front door). They did not get a very welcome reception. In fact, Rep Lieu suggested that they “just follow the damn […]
Continue reading → [DISPLAY_ACURAX_ICONS]Below is an interesting ad from the J.P. Morgan Chase home page: They go on to say that you could be responsible for any losses if you do. They say don’t share your login password for Chase.com with third party sites that offer budgeting, managing and other services. In fact, the user agreement says this: […]
Continue reading → [DISPLAY_ACURAX_ICONS]