-
DHS warns employees that years-old database hole puts their privacy at risk
The Department of Homeland Security (DHS) Thursday said it has notified employees and others with DHS clearance to be on alert for potential fraud due to a vulnerability discovered in software used by a vendor to process personally identifiable information (PII) for background investigations. The software hole in had been there since July 2009.
-
GPs open to sharing patient information, says survey
A survey of general practices' attitudes to the use of information technology shows that most are open to sharing patient information provided that appropriate security and privacy measures are in place.
-
Health care breach victims plummet
Tougher rules and big settlements are said to be behind the fall in affected clients, but one group calls it the 'calm before the storm'
-
EU parliament committee votes against air passenger data sharing bill
European politicians are at loggerheads following a vote in the European Parliament on Wednesday that rejected proposals to store information on airline passengers.
-
DHS use of deep packet inspection technology in new net security system raises serious privacy questions
To protect the federal civilian agencies against cyberthreats, the Department of Homeland Security (DHS) is preparing to deploy a more powerful version of its EINSTEIN intrusion-detection system that’s supposed to detect attacks and malware, especially associated with e-mail. But since this version of EINSTEIN is acknowledged by DHS to be able to read electronic content, it’s raising privacy concerns.
-
Retailer hauls Visa to court over $13.3M fine for payment card data breach
Genesco, a specialty retailer of footwear, sports apparel and related accessories has sued Visa USA for $13.3 million in fines that were assessed against the company after a credit card data breach in 2010.
-
HK hotels woo guests with apps
Two hotels in Hong Kong are leveraging mobile apps to give guests a new experience during their stay.
-
Six essential steps to secure academia
Computer networks in the academic world are a lot like the Wild West: It's hard to tell the good guys from the bad, and the sheriff's ability to maintain order is severely limited.
Get exclusive access to CSO, invitation only events, reports & analysis. - 1
Dell targets ANZ security opportunities as SecureWorks debuts locally
- 2
AusCERT 2013: Cloud-based scanner identifies new malware by its ancestry
- 3
AusCERT 2013: Users, cats more likely hack culprits than cyber-espionage: Trustwave
- 4
ACMA database keeps finger on Australia’s malware pulse
- 5
Lethal medical device hack taken to next level
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.
