1-in-4 worms spread through infected USB devices

Hard on the heels of a report that a USB drive was used to compromise U.S. military networks in 2008, a security company today claimed that 25% of all new worms are designed to spread through the portable storage devices.

Windows DLL load hijacking exploits go wild

Less than 24 hours after Microsoft said it couldn’t patch Windows to fix a systemic problem, attack code appeared Tuesday to exploit the company’s software. Also on Tuesday, a security firm that’s been researching the issue for the last nine months said 41 of Microsoft’s own programs can be remotely exploited using DLL load hijacking, [...]

Trojan blamed for Spanish air crash

A plane crash that killed 154 people in 2008 might have been partly connected to the infection of an important ground safety system by malware, a Spanish newspaper has claimed. The Spanair plane took off from Madrid to fly to the Canary Islands on 20 August 2008, but failed to clear the runway. Of the [...]

Google Apps gets FISMA-certified for government work

Google has landed an important federal certification for encryption and security. An official Google blog post said that the company has received Federal Information Security Management Act (FISMA) certification and accreditation from the U.S. government for its Google Apps office productivity suite, including Gmail.

Healthcare Breaches Spin Out Of Control

If the past week is any indication, and I’m afraid it is, health care companies are doing an abysmal job at protecting personal health care data. This evening the Colorado Department of Health Care Policy and Financing announced that state officials discovered an unauthorized removal of a computer hard drive from the state’s Office of Information [...]

Connecticut AG reaches agreement with Health Net over data breach

Connecticut Attorney General Richard Blumenthal has announced that his office has reached a settlement with health insurance company Health Net over a failure to secure patient information on almost a half-million state enrollees, and subsequent failure to promptly notify consumers about the breach. The settlement involves Health Net of the Northeast Inc., Health Net of [...]

AMR Corporation Sends Letters to Certain Retirees and Employees Regarding Data Compromise and Offer

Today, AMR Corporation, the parent company of American Airlines, Inc., sent letters to potentially affected retirees, former employees, and a limited number of current employees about a compromise of certain personal information. The data, which had been kept by AMR’s pension department, spans a time period from 1960 through 1995, and consists of images [...]

Do You Have What It Takes To Pass Your Payment Card Industry Audit? #PCI

With every company reliant on software to run its business, an alarming rise in data breach incidents across industries, but especially credit card processing, means application security is becoming an increasingly critical part of any organisation’s overall IT security strategy. For organisations that store, transmit or process credit card information, it is vital as they [...]

HHS Issues RFI on Accounting for Disclosures Through an EHR

On May 3, 2010, the Office for Civil Rights of the U.S. Department of Health & Human Services (HHS) issued a Request for Information (RFI) on the provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act that expand the requirements for accounting of disclosures of patients' protected health information (PHI) to [...]

PCI council launches certification program for IT staff

The organization responsible for administering the Payment Card Industry Data Security Standard (PCI DSS) has launched a new program to help enterprises conduct self-assessments of their compliance with the standard. The security council will train and certify IT security staff to conduct PCI compliance assessments on behalf of their companies.