Moderators note: Hire Me!

InfoSec News: Moderators note: Hire Me!: Just a quick note, I am still in Chicago helping care for an elderly parent, and I'm looking for a new security opportunity in Chicagoland. I'm listed on LinkedIn at: http://www.linkedin.com/in/williamknowles but please drop me a note if you're aware of something that would be a good [...]

Failure to encrypt portable devices inexcusable, say analysts

InfoSec News: Failure to encrypt portable devices inexcusable, say analysts: http://www.computerworld.com/s/article/9215369/Failure_to_encrypt_portable_devices_inexcusable_say_analysts
By Jaikumar Vijayan Computerworld March 31, 2011
The continuing failure by most enterprises to encrypt sensitive data stored on laptops and other mobile devices is inexcusable, analysts said following BP's disclosure this week of a data compromise involving a lost laptop.
The computer contained unencrypted personal data such as names, Social Security numbers and dates of birth belonging to about 13,000 individuals who had submitted claims with the company over last year's disastrous oil spill.
According to BP, an employee lost the laptop while on routine business travel.
The company is only the latest in a long list of organizations that have made similar announcements over the past several years. In fact, data compromises involving lost or stolen laptops, unencrypted storage disks, and other mobile devices account for a substantial portion of breaches these days.
[...]

Former Intelligence CIO New BofA CISO

InfoSec News: Former Intelligence CIO New BofA CISO: http://www.bankinfosecurity.com/articles.php?art_id=3486
By Eric Chabrow Executive Editor GovInfoSecurity.com March 31, 2011
Patrick Gorman, a former associate director of the Office of the Director of National Intelligence, is the new chief information security [...]

Porn Star HIV Test Database Leaked

InfoSec News: Porn Star HIV Test Database Leaked: http://gawker.com/#!5787392/porn-star-hiv-test-database-leaked
By Adrian Chen Gawker.com March 30, 2011
The patient database of the private health clinic that conducts STD tests for California's porn industry has been breached, exposing test results and personal details about thousands of current and former porn performers, some of which have been published on a Wikileaks-style website.
Earlier this year, a website called Porn Wikileaks posted a list of what it claimed were the real names of more than 15,000 porn performers past and present, alongside their stage names and dates of birth. This essentially "outed" them to any passing Googler, which caused an uproar in the industry since many porn performers try to keep their real name secret, for obvious reasons. That 15,000 names were on the list was significant, especially considering only about 1,200-1,500 performers are currently working in California's Porn Valley.
It turns out that many of the names came from a database belonging to the Adult Industry Medical Healthcare Foundation (AIM), which conducts the majority of STD tests for the porn industry. (Working straight performers get tested at least once every 28 days.) The porn gossip blogger Mike South first reported the breach after he was contacted by a number of porn performers who said the information posted about them on Porn Wikileaks must have come from AIM's database. Their proof: They had only used the stage names that were posted on Porn Wikileaks once, when registering for testing at AIM.
One former porn performer we spoke to registered for an HIV test with AIM using a stage name he made up "off the top of my head" when he started in the industry eight years ago—and he never used it again. (He picked a new stage name when he appeared in his first adult video.) But the stage name he gave AIM recently appeared on Porn Wikileaks, linked to his real name. That stage name "was never used, it was never spoken anywhere else. It was written down one time and one time only and that was on the HIV form for AIM," he said. "Without a question [the leak] came from AIM."
[...]

Former Teen Stock Swindler Sentenced to Three Years on New Hack

InfoSec News: Former Teen Stock Swindler Sentenced to Three Years on New Hack: http://www.wired.com/threatlevel/2011/03/dinh-2/
By Kevin Poulsen Threat Level Wired.com March 31, 2011
A former teenage hacker who once served time for an online stock-trading scheme was sentenced in New York this week to three years in prison on [...]

EU parliament suspends webmail after cyber-attack

InfoSec News: EU parliament suspends webmail after cyber-attack: http://www.theregister.co.uk/2011/03/31/eu_parliament_hack/
By John Leyden The Register 31st March 2011
The European Parliament network has fallen under cyber-attack, leading to a suspension of webmail and other security restrictions.
The assault, which has led to the suspension of webmail access in Strasbourg, comes after attacks against the European Commission and the External Action Service networks.
The Parliament and the Commission run over separate networks. The attack on the parliamentary network was reportedly detected on 24 March, two days after problems with the Commission's Microsoft Exchange email server system first emerged.
An EU official said that the two attacks appeared to be co-ordinated, well-organised and geared towards extracting sensitive information. "This is not a couple of teenage boys hacking into the [EU] institutions," the official told European Voice.
[...]

Secunia Weekly Summary - Issue: 2011-13

InfoSec News: Secunia Weekly Summary - Issue: 2011-13:
The Secunia Weekly Advisory Summary 2011-03-24 - 2011-03-31
This week: 50 advisories [...]

Searching For Security’s Yardstick

InfoSec News: Searching For Security's Yardstick: http://www.darkreading.com/security-monitoring/167901086/security/security-management/229400652/searching-for-security-8217-s-yardstick.html
By Tim Wilson Darkreading March 30, 2011
There’s an old saying in IT: You can’t manage what you can’t measure. [...]
