Tuesday, September 03, 2013

Data theft on the rise

According to the latest numbers published by EMW a UK based law firm,data theft is on the rise, taking a significant jump up from last year's numbers.

Read more:
http://www.emwllp.com/news/confidential-information-theft-cases-reach-record-high/

Monday, September 02, 2013

DEA database even bigger than NSA

According to a NBC report the DEA has an even bigger database of recorded phone conversations.
Read more:
NBC News

Sunday, August 18, 2013

FB security does not believe security expert - Mark Zuckerberg pays for it

Security experts notifies Facebook security about a vulnerability that allows him to post to anyone's wall, friend or not. FB security does not believe him, till he posts to Mark Zuckerberg's wall.

Read more:
RTT News

1SSA - Security Consulting, Training and Products

Saturday, August 10, 2013

Over 32,000 patient records exposed to the Internet due to firewall off

Over 32,000 patients across 48 states were impacted by a security breach of their Protected Health Information (PHI) that Cogent Health had outsourced to M2ComSys. The PHI was sometimes even indexed by Google, exposing patients names, physician names, dates of birth, diagnosis description, treatment data, medical history and medical records numbers. According to the article below, the outsourcing company's site had its firewall down. The access to these notes through the site began May 5, 2013, and ended following Cogent Healthcare’s discovery of the lapse on June 24, 2013.

How can a firewall not be functional?

Read more:
Healthcare IT News

1SSA - Security Consulting, Training and Products

Thursday, August 08, 2013

White House offering incentives for implementing Cyber Security

The White House seems to be serious about increasing Cyber Security in the commercial sector. Offering incentives for companies that invest into Cyber Security.

Read full article:
http://www.csoonline.com/article/737795/white-house-considers-incentives-for-cybersecurity?source=CSONLE_nlt_update_2013-08-08

1SSA - Security Consulting, Training and Products

Tuesday, July 23, 2013

Annual loss of up to $500B due to cybercrime

A new report compiled by CSI and McAfee shows that cybercrime generates annual losses of up to $500B on a global level. The report also states that many jobs in the U.S. are lost due to cybercrime.

Download the report here:
http://www.mcafee.com/sg/resources/reports/rp-economic-impact-cybercrime.pdf?cid=BHP016

Sunday, June 23, 2013

Leaked documents expose massive UK spying operation involving 200 fiber optic cables

Once considered a secure alternative to traditional cupper lines the use of fiber has not stopped the GCHQ (the U.K. version of the NSA in the U.S.) to eavesdrop on communications that traveled across these major data pipelines. This is just another uncovering of a major privacy violation in the "free world" which has been pointing to other countries for their rather open practice of eavesdropping on Internet communication.

Read More:
Washington Post about Guardian article

1SSA - Security Consulting, Training and Products

Saturday, June 22, 2013

Tridium vulnerability throws building controls wide open to hackers

Only recently, over the last 3-4 years, the ties between physical and IT security have been understood and yet most organizations keep them separate, resulting in disconnects and potential attacks slipping through the cracks. Since more and more physical security systems use IT for communication they are becoming now targets for hackers. Latest victim being Honeywell’s Tridium Niagara Framework which is built around TCP/IP and meant to provide web-based management for building assets.

Read more:
Tridium vulnerability throws building controls wide open to hackers

1SSA - Security Consulting, Training and Products

FDA Safety Communication: Cybersecurity for Medical Devices and Hospital Networks

The FDA issued a safety recommendation to the medical community, advising about cyber security issues with medical devices. Medical devices are more and more becoming Internet/Network enabled, allowing for traditional cyber security threats to execute on those rather immature (from a security perspective) devices.

FDA Safety Communication

1SSA - Security Consulting, Training and Products