Hacked Companies Still Not Alerting Investors

February 9, 2012 by admin
Filed under Around The Net

Comments Off on Hacked Companies Still Not Alerting Investors

At least a half-dozen major U.S. companies whose computer networks have been breached by cyber criminals or international spies have not admitted to the incidents despite new guidance from securities regulators urging such disclosures.

Top U.S. cybersecurity officials believe corporate hacking is widespread, and the Securities and Exchange Commission issued a lengthy “guidance” document on October 13 outlining how and when publicly traded companies should report hacking incidents and cybersecurity risk.

But with one full quarter having elapsed since the SEC request, some major companies that are known to have had significant digital security breaches have said nothing about the incidents in their regulatory filings.

Defense contractor Lockheed Martin Corp, for example, said last May that it had fended off a “significant and tenacious” cyber attack on its networks. But Lockheed’s most recent 10-Q quarterly filing, like its filing for the period that included the attack, does not even list hacking as a generic risk, let alone state that it has been targeted.

A Reuters review of more than 2,000 filings since the SEC guidance found some companies, including Internet infrastructure company VeriSign Inc and credit card and debit card transaction processor VeriFone Systems Inc, revealed significant new information about hacking incidents.

Yet the vast majority of companies addressing the issue only used new boilerplate language to describe a general risk. Some hacking victims did not even do that.

Source…

Tags: America, analysts, companies, Computers, credit card, cybercrimes, cybercriminals, cybercrooks, cybersecurity risks, data, data-theft, debit card, Defense contractors, enterprises, firms, Hackers, hacking, Inc., international spies, internet, investors, John D. Rockefeller, lawsuits, Lockheed Martin Corp, Network Security, networks, Online, personal information, Pricing, revenues, sales, SEC, Securities And Exchange Commission, Security, Senate, Senate Commerce committee, senators, servers, spies, stocks, technology, transaction processor, USA, VeriSign, web, websites

Google Defends New Privacy Policy

February 6, 2012 by admin
Filed under Around The Net

Comments Off on Google Defends New Privacy Policy

In a letter sent to eight members of Congress, Google yesterday defended its decision to consolidate its privacy policies and users’ personal information.

The 13-page letter explains Google’s decision to change its privacy policies and answers specific questions from the legislators. In sum, Google contended that its approach to privacy remains the same, that users still have control over how they use the company’s various online services, and that private information stays private.

“Some have expressed concern about whether consumer can opt out of ourupdated privacy policy,” wrote Pablo Chavez, Google’s director of public policy, in the letter.

“We understand the question at the heart of this concern. We believe the relevant issue is whether users have choices about how their data is collected and used. Google’s privacy policy – like that of other companies – is a document that applies to all consumers using our products and services. However, we have built meaningful privacy controls into our products, and we are committed to continue offering those choices in the future,” he added.

Google stirred up something of a privacy firestorm last week when company executives disclosed plans to rewrite privacy policies and to meld user information across its various products and services.

Source…

Tags: advertising, android, browsing history, calendars, Chrome, Computers, Computing, congressmen, consumers, customers, data collection privacy policy, documents, Email, Gmail, Google, hardware, internet, legislators, Online, operating systems, Opt Out, OS, Pablo Chavez, PC's, personal information, privacy, privacy advocates, privacy controls, products, Security, services, Software, technology, tools, tracking, US Congress, web, websites, YouTube

Websites ‘Leaking’ User Info To Other Firms

October 19, 2011 by admin
Filed under Around The Net

Comments Off on Websites ‘Leaking’ User Info To Other Firms

Many top websites share their visitors’ names, usernames or other personal information with their partners without alerting users and, in some cases, without knowing they’re doing it, according to a new study from Stanford University.

Many websites “leak” usernames to third-party advertising networks by including usernames in URLs that the ad networks can see in referrer headers, said the study, released Tuesday by Stanford Law School’s Center for Internet and Society. While there’s a debate in legal circles whether usernames are personal information, there’s a growing consensus among computer scientists that Web-based companies can use usernames to identify their owners, said Jonathan Mayer, a Stanford graduate student who led the study.

“The vast majority of usernames are unique,” he said. “Given the prevalence of social networking, often times, once you have a username for a social network, you then also have a person’s real name, possibly a photo, possibly more.”

Other websites share first names, email addresses and other information with advertising or other partners, Mayer said at a privacy conference in Washington. Those identifiers “get associated not just with what you’re doing right now, but get associated with what you’ve done in the past, and what Web browsing activity you may have in the future,” he said.

Source….

Tags: advertisers, advertising firms, browsers, browsing activity, Center for Internet And Society, comscore, consensus, data, DC, debates, DoubleClick, email addresses, Google Analytics, graduate students, identifiers, information leakage, internet, Jonathan Mayer, leaking, Online, personal information, Photos, pictures, privacy, privacy conference, Quantcast, real names, referrer headers, social network, Social Networking, Stanford Law School, Stanford University, third parties, URLs, user ids, user information, user names, usernames, Washington, web analytics, web-based, websites

Mobile Security Threats Continue To Grow

October 15, 2011 by admin
Filed under Smartphones

Comments Off on Mobile Security Threats Continue To Grow

According to industry analysts, mobile device shipments will exceed a billion devices in 2015 and will rapidly outrun PC shipments. That’s great news for end user convenience, mobility, and work-anywhere productivity. But it also means that enterprises must prepare for the fact that the criminals will target these devices with attack exploits, spyware,
and rogue applications.

And while IBM’s IT security research team, X-Force, predicts a modest 33 software exploits targeting mobile devices in the year ahead, that’s roughly twice the number of such attack code released in the past year.

The group also sees a number of other troubling mobile security trends. First, when software flaws do surface, many mobile phone makers do not rapidly deploy software patches to devices; malicious apps are often distributed through third-party app markets. Another troubling trend is that some mobile malware can collect end user’s personal information for use in phishing attacks.

An example of vulnerabilities that would make such attacks possible are the two recent Android security flaws that were reported to affect popular handsets including the AT&T Samsung Galaxy SII and various HTC devices.

The security find announced by security researcher Trevor Eckhart, called HTClogger (logging tools introduced by handset maker HTC) that could leak email account information, user location, phone numbers, and messaging logs.

Handset maker HTC said, in a statement, that it is working to quickly issue an update to its customers. “HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly,” the company said.

Source….

Tags: account information, android, apple, applications, AT&T, attacks, Cellular, conveniences, criminals, customers, cybercriminals technology, device shipments, downloads, emails, end users, Galaxy, Google, gps, Hackers, handsets, HTC, HTClogger, IBM, IMs, industry analysts, installs, internet, iOS, IT Security, location tracking, Lookout, malicious apps, markets, message logs, messages, Mobile, mobile security, mobility, networks, Online, over-the-air, PC shipments, personal information, Pete Lindstrom, phishing attacks, phone makers, phone numbers, productivity, rogue applications, samsung, Samsung Galaxy S II, Security, security researcher, smartphones, SMS, software exploits, software flaws, software patches, Spire Security, Spyware, text messages, thieves, third party apps, web, Wireless, work-anywhere, X-Force

Citigroup Hackers Pocketed $2.7 million

June 29, 2011 by admin
Filed under Around The Net

Comments Off on Citigroup Hackers Pocketed $2.7 million

Citigroup suffered about $2.7 million in losses after cybercriminals uncovered a way to lift credit card numbers from its website and make fraudulent transactions.

Citi acknowledged the breach earlier this month, saying hackers had gained accessed to more than 360,000 Citi credit card accounts of U.S. customers. The hackers didn’t breach Citi’s main credit card processing system, but were reportedly able to obtain the numbers, along with the customers’ names and contact information, by logging into the Citi Account Online website and guessing account numbers.

Until now, it wasn’t revealed if any fraud had occurred as a result of the theft. But Citi confirmed Friday that there were losses of $2.7 million from about 3,400 accounts.

The bank has said its customers will not be liable for the fraudalent transactions and losses as a result of them.

Facebook’s Users Info Was Leaked

May 12, 2011 by admin
Filed under Around The Net

Comments Off on Facebook’s Users Info Was Leaked

Facebook users’ personal information could have been accidentally leaked to third parties, in particular advertisers, over the past several years, Symantec Corp said in one of its blog postings.

Third-parties would have had access to personal information such as profiles, photographs and chat, and could have had the ability to post messages, the security software company stated.

“We estimate that as of April 2011, close to 100,000 applications were enabling this leakage,” the blog post said.

” … Over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties,” posing a security threat, the blog post said.

The third-parties may not have realized their ability to access the information, it said.

Facebook, the world’s largest social networking website, was notified of this issue and confirmed the leakage, the blog post said.

It said Facebook has taken steps to resolve the issue.

“Unfortunately, their (Symantec’s) resulting report has a few inaccuracies. Specifically, we have conducted a thorough investigation which revealed no evidence of this issue resulting in a user’s private information being shared with unauthorized third parties,” Facebook spokeswoman Malorie Lucich said in a statement.

Advantages of Using a Consultant

Information Security

Biggest Data Breaches

News

Connect With Us

Join Our Mailing List

Latest News

Request A Quote

Contact Us