Heartland breach expenses pegged at $140M -- so far |
- Heartland breach expenses pegged at $140M -- so far
- UB and Absolute Poker on the Cereus Network Work to Fix Security Flaws
- [Dataloss Weekly Summary] Week of Sunday, May 2, 2010
- Facebook board member's account gets hacked
- White House devs overlooked gaping Drupal vuln
- Should there be a Geneva Convention for fighting cyberwar?
- Is AhnLab to blame for online banking mess?
| Heartland breach expenses pegged at $140M -- so far Posted: InfoSec News: Heartland breach expenses pegged at $140M -- so far: http://www.computerworld.com/s/article/9176507/Heartland_breach_expenses_pegged_at_140M_so_far By Jaikumar Vijayan Computerworld May 10, 2010 The costs to Heartland Payment Systems Inc. from the massive data breach that it disclosed in January 2009 appear to be steadily adding up. [...] |
| UB and Absolute Poker on the Cereus Network Work to Fix Security Flaws Posted: InfoSec News: UB and Absolute Poker on the Cereus Network Work to Fix Security Flaws: http://www.cardplayer.com/poker-news/9043-ub-and-absolute-poker-on-the-cereus-network-work-to-fix-security-flaws By Stephen A. Murphy Card Player May 10, 2010 Cereus Network, which is the home of the popular poker sites UB and Absolute Poker, was in the middle of a security controversy late last week when it was discovered that its two major poker sites used weak encryption methods. A poker tracking site announced on Thursday that it had hacked Cereus. encryption method and showed how it was possible for someone to hijack a player's account and see holecards in real time if that person was also able to hack the user.s Internet connection. Paul Leggett, the chief operating officer of Tokwiro Enterprises (which owns both UB and Absolute Poker), issued a statement on Friday morning acknowledging the security breach and promising to do everything in his power to fix the problem. "PTR (Poker Table Ratings) was able to crack our local encryption method ... I would also like to say that I am very embarrassed and upset that this issue was not caught by our internal staff or through the countless audits we've been through this year and last year," said Leggett. "We've invested a great deal of money into all types of security and I am very shocked that this was not identified by us or the many third party auditors we've employed. Needless to say we plan to find new security resources and third parties to help us test this solution and make sure we provide you with the absolute best security that money can buy." For someone to have had actually seen another person.s holecards and utilized that information to cheat, that person would have had to hack both the site's encryption, as well as the person's individual Internet access. Both PTR and Cereus Network say that scenario is very unlikely. [...] |
| [Dataloss Weekly Summary] Week of Sunday, May 2, 2010 Posted: InfoSec News: [Dataloss Weekly Summary] Week of Sunday, May 2, 2010: ======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, May 2, 2010 6 Incidents Added. ======================================================================== [...] |
| Facebook board member's account gets hacked Posted: InfoSec News: Facebook board member's account gets hacked: http://social.venturebeat.com/2010/05/10/facebook-jim-breyer-hacked/ By Anthony Ha Social Beat May 10, 2010 It looks like the Facebook account of Jim Breyer, whose firm Accel Partners was an early investor in the social network and who sits on the company's board, was hacked over the weekend. [...] |
| White House devs overlooked gaping Drupal vuln Posted: InfoSec News: White House devs overlooked gaping Drupal vuln: http://www.theregister.co.uk/2010/05/10/drupal_security_bug/ By Dan Goodin in San Francisco The Register 10th May 2010 A researcher has uncovered a potentially serious vulnerability in the open-source content management system used by the White House website and thousands of other sites. [...] |
| Should there be a Geneva Convention for fighting cyberwar? Posted: InfoSec News: Should there be a Geneva Convention for fighting cyberwar?: http://www.networkworld.com/community/node/61026 By Robert Mullins Networkworld.com 05/10/10 The term "cyberwar" has been bandied about in recent years as a catchall term for the hackers stealing credit card numbers or spreading spam, but also much more nefarious schemes such as breaking into a electricity grid. At a recent cybersecurity conference, one Microsoft security executive said we might need global rules on how to fight such threats. Scott Charney, vice president of Microsoft's Trustworthy Computing Group, spoke at the Worldwide Cybersecurity Summit in Dallas last week and said there needs to be a distinction between cybercriminals merely stealing money and cyberwar, possibly conducted by nation-states, that is aimed at crippling a target in another country, such as a power grid or an oil pipeline. An Associated Press report on the conference, which was picked up by the Seattle Post-Intelligencer newspaper, quotes Charney as saying that international treaties designed to fight cyberwar are difficult to establish because of the murky nature of what "cyberwar" is. The United Nations last month rejected a Russian proposal for a new cybercrime treaty, leaving in place a 2001 treaty that Russia opposes because it gives foreign governments too much leeway to pursue cybercriminals across borders. [...] |
| Is AhnLab to blame for online banking mess? Posted: InfoSec News: Is AhnLab to blame for online banking mess?: http://www.koreatimes.co.kr/www/news/biz/2010/05/123_65650.html By Kim Tong-hyung Staff reporter Korea Times 05-10-2010 The need for Internet security continues to grow, and this has anti-virus software makers touting themselves as the guardians of the networked world. [...] |
| You are subscribed to email updates from [ISN] InfoSec News Mailing List To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google Inc., 20 West Kinzie, Chicago IL USA 60610 | |
0 comments:
Post a Comment