Data Loss Prevention - Infoworld en Lavaboom builds encrypted webmail service to combat snooping <p>A new webmail service called <a href="" target="_blank">Lavaboom</a> promises to provide easy-to-use email encryption without ever learning its users' private encryption keys or message contents.</p> Security Data Loss Prevention Email Software Encryption Internet Privacy Web Applications Thu, 17 Apr 2014 11:46:33 +0000 admin 240636 at Tests confirm Heartbleed bug can expose server's private key <p>Four researchers working separately have demonstrated a server's private encryption key can be obtained using the Heartbleed bug, an attack thought possible but unconfirmed.</p> <p>The findings come shortly after a challenge created by CloudFlare, a San Francisco-based company that runs a security and redundancy service for website operators.</p> Security Data Loss Prevention Data Security Encryption Open Source Software Vulnerability Assessment Web Security Mon, 14 Apr 2014 12:00:32 +0000 admin 240403 at Stung by file-encrypting malware, researchers fight back <p>Jose Vildoza's 62-year-old father was using his old Windows computer when a warning in broken English flashed on the screen: your files have been encrypted.</p> <p>Vildoza's father, who speaks Spanish, didn't understand the warning, which demanded payment in order to decrypt the files. When Vildoza looked at it, he knew it was bad. And he became angry.</p> Security Cyber Crime Data Loss Prevention Encryption Endpoint Protection Malware Thu, 10 Apr 2014 11:54:58 +0000 admin 240226 at Yahoo turns on encryption between data centers <p>Yahoo said Wednesday it was encrypting traffic flowing between its data centers, several months after leaked documents revealed the government had been sniffing those links.</p> Networking Security Yahoo Internet Data Loss Prevention Data Security Encryption Internet Privacy Web Services Search Engines Social Networking Video Conferencing Thu, 03 Apr 2014 12:19:19 +0000 admin 239756 at Microsoft reviews policies after admitting search of customer email <p>Microsoft promised to subject itself to a more rigorous process before searching through its customers' email accounts in the future after a recent legal case revealed that the company searched for evidence of theft of its trade secrets in a Hotmail account.</p> Security Microsoft Data Loss Prevention Internet Privacy Fri, 21 Mar 2014 16:48:35 +0000 admin 238876 at Microsoft uncovers mole who leaked Windows secrets, but Wzor lives on <div id="tw-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="" alt="Microsoft uncovers a mole, but Wzor lives on" width="243" height="182" align="right" /></div><p>Yesterday Levi Pulkkinen at the Seattle Post Intelligencer broke the story that an <a href="" target="_blank">ex-Microsoft employee was charged with pa Microsoft Windows Microsoft Microsoft Windows Data Loss Prevention Thu, 20 Mar 2014 11:31:10 +0000 InfoWorld Tech Watch 238755 at Court approves first-of-its-kind data breach settlement <p>Courts have generally tended to dismiss consumer class-action lawsuits filed against companies that suffer data breaches if victims can't show that the the breach directly caused a financial hit.</p> <p>A federal court in Florida broke the mold by approving a $3 million settlement for victims of a data breach in which personal health information was exposed when multiple laptops containing the unencrypted data were stolen.</p> Security Cyber Crime Data Loss Prevention Data Security Tue, 18 Mar 2014 11:40:14 +0000 admin 238550 at Sears says it finds no evidence of data breach -- yet <p>Sears Holdings said a review of its systems does not show evidence yet of a data breach as retailers continue to stay on guard in the light of payment card terminal hacking at <a href="">Target </a>and Neiman Marcus.</p> <p>The department store chain, with 2,500 stores in the U.S. and Canada, is the latest company to say it is investigating a possible breach, following the hotel management company White Lodging Services and the arts and crafts chain Michaels.</p> Security Cyber Crime Data Loss Prevention Data Security Hacking Mon, 03 Mar 2014 15:13:05 +0000 admin 237471 at How to rethink security for the new world of IT <p>"We shall fight on the beaches. We shall fight on the landing grounds. We shall fight in the fields and in the streets. We shall fight in the hills. We shall never surrender," said Winston Churchill in his famous June 1940 speech in the face of Nazi attacks on England. His earlier committment to the goal of victory, "however long and hard the road may be," is an apt analogy to the security battles that enterprises face.</p> Consumerization of IT Data Management Security IT Management Application Security Data Loss Prevention Data Security Endpoint Protection Hacking IDG Insider Wed, 19 Feb 2014 11:00:00 +0000 Galen Gruman 236329 at Merkel and Hollande to talk about Europe avoiding US servers <p>German Chancellor Angela Merkel and French President Fran├žois Hollande will discuss this week how Europe can keep email traffic away from U.S. servers.</p> <p>Merkel is planning to discuss this issue when she meets her French colleague on Wednesday, she said in a weekly <a href=";amp;v=3" target="_blank">podcast</a>.</p> Security Federal Regulations Data Loss Prevention Data Security Internet Privacy Tue, 18 Feb 2014 13:11:20 +0000 admin 236473 at Suspected data breach at Holiday Inn, Marriott hotels <p>Lodgers at Holiday Inns, Marriott, and Renaissance hotels may have had their payment card details compromised following a new disclosure on Monday of suspected point-of-sale device attacks.</p> <p>White Lodging Services, a hotel management company, warned in a <a href="" target="_blank">news release</a> it suspects point-of-sale systems at restaurants and lounges on 14 of its properties were compromised between March 20, 2013 and Dec. 16, 2013.</p> Security Cyber Crime Data Loss Prevention Data Security Malware Tue, 04 Feb 2014 13:07:41 +0000 admin 235603 at Big fines for big breaches: The only way to stop shoddy security <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="" alt="Big fines for big breaches: The only way to stop shoddy security" width="243" height="182" align="right" /></div><p>I've posted on this topic in the past, but I can't say it enough: Retailers that lose customer information to crackers should be penalized massively. There is no other way to stem the tide.</p> Data Center Data Loss Prevention Mon, 03 Feb 2014 11:00:00 +0000 Paul Venezia 235465 at The processes and tools behind a true APT campaign <p>APTs are both nightmares and the stuff of legend for business leaders and security managers across the globe. In this series, CSO will examine the processes and tools used by attackers during these types of campaigns, and various mitigating factors.</p> <h3>[<a href="">Spear phishing paves road for advanced persistent threats</a>]</h3><p>&nbsp;</p> Security Data Loss Prevention Endpoint Protection Network Security Security Management IDG Insider Fri, 31 Jan 2014 11:00:00 +0000 uphan 235095 at Target says attackers used stolen vendor credentials to gain access <p>Target said Wednesday that intruders accessed its systems by using credentials "stolen" from a vendor, one of the first details the retailer has revealed about how hackers got inside.</p> <p>The vendor was not identified. A Target spokeswoman said she had no further details to share.</p> Security Cyber Crime Data Loss Prevention Data Security Vulnerability Assessment Thu, 30 Jan 2014 13:24:12 +0000 admin 235322 at Engineer nets $33,500 -- Facebook's biggest bug bounty <p>Last November Reginaldo Silva, a computer engineer in Brazil, found one of the worst kinds of vulnerabilities in Facebook's software. It has netted him the biggest <a href="">bug bounty</a> the social network has ever paid out, but while he's not complaining, it wasn't quite the windfall he hoped for.</p> <p>The bug related to code used for OpenID, an authentication system that lets people use the same login credentials for multiple online services.</p> Applications Security Facebook Data Loss Prevention Data Security Social Networking Vulnerability Assessment Thu, 23 Jan 2014 12:37:12 +0000 admin 234821 at Senators call on FTC to investigate Target breach <p>A U.S. senator has called on the Federal Trade Commission to investigate Target's security practices after the large retailer reported a data breach affecting 40 million customer credit and debit cards.</p> Data Loss Prevention Data Security Government Mon, 23 Dec 2013 20:12:58 +0000 admin 233117 at Browser extension gets 'disposable' data capabilities for added privacy <p>A Boston-based company, Abine, is beefing its anti-tracking browser extension to let users shield their real credit card details, email addresses and phone numbers during Web transactions.</p> <p>The new features are being added to "<a href="">DoNotTrackMe</a>," an extension for Firefox, Internet Explorer, Chrome, and Safari that blocks tracking technologies used by advertising and social networks and data collectors.</p> Security E-commerce Data Loss Prevention Data Security Internet Privacy Web Browsers Fri, 22 Nov 2013 13:39:44 +0000 admin 231463 at The best data security offense is a good defense <p>It was like finding a needle in a haystack. On her first day as security and risk manager at the Pennsylvania Department of Public Welfare, Pamela Skelton was met with piles of disorganized compliance files and random pieces of paper that her predecessor had left behind.</p> <p>When she was told that an IRS audit report was due in a few months, a mild panic set in. "I saw all this paper and said, 'Where is everything?' It was very disorganized. I could never find anything that I needed," she recalls. That was just the start of a risk compliance odyssey for Skelton and her team.</p> Security Federal Regulations Data Loss Prevention Data Security Internet Privacy IDG Insider Fri, 15 Nov 2013 18:11:15 +0000 admin 230974 at Facebook forces some users to reset passwords because of Adobe data breach <p>Facebook locked some users out of their accounts after determining that their login credentials were exposed as a result of a security breach at Adobe. The company is asking users who used the same login credentials for Adobe's online services and Facebook to verify their identity and change their password.</p> Security Facebook Authentication Data Loss Prevention Data Security Encryption Tue, 12 Nov 2013 19:13:06 +0000 admin 230677 at Iris ID systems go mainstream <p>At the entrance to "The Vault," the most secure room within the most protected building operated by security services provider Symantec, an iris recognition system stands guard as the last line of defense.</p> Security Authentication Data Loss Prevention Mon, 04 Nov 2013 15:44:31 +0000 admin 230106 at