DISC InfoSec blog

Image via Wikipedia
by Edward Wyatt
provided by – NYTimes.com
Lifelock, the company that brazenly broadcast its chief executive’s Social Security number as part of its claim that it could protect anyone against identity theft, agreed on Tuesday to pay $12 million to settle charges that it misled consumers about the effectiveness of its service.
The settlement, announced by [...]

Image by Travelin’ Librarian via Flickr
Malware: Fighting Malicious Code
By FBI NPO
The FBI warned consumers today about an ongoing threat involving pop-up security messages that appear while they are on the Internet. The messages may contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. The messages contain [...]

Year in review for online security attacks – 2009 is going to be known as a year of change in tactics of exploitation, rather than creating more new tools in hacker’s community. They are utilizing social media as a tool to exploit and using built-in trust in social media to their advantage. That’s why stealing [...]

Image via Wikipedia
By Erin Allday, SF Chronicle
Hackers may have had access to personal information for about 600 UCSF patients as a result of an Internet “phishing” scam, campus officials said Tuesday.
The security breach occurred in September when a faculty physician in the UCSF School of Medicine provided a user name and password in response to [...]

By Jaikumar Vijayan
The rush by shoppers to the Web makes the season a great time for online retailers. It’s also a great time for hackers looking to steal data and money from the unwary millions expected to search for great deals online.
Checkout huge savings on Today’s Hot Deals on Information Security Solutions for the holidays
The [...]

Image via Wikipedia

Here we have another unnecessary major security breach in a large healthcare organization which resulted in a loss of patient data demonstrating poor baseline security. They clearly are not ready for the new HIPAA provision ARRA and HITECH. Review my threats page and evaluate your current business and system risks to [...]

Image via WikipediaLegislation Heads for a Senate Vote
November 5, 2009 – Eric Chabrow, Managing Editor
The Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify individuals of security breaches involving sensitive personally identifiable information. Both bills go to the Senate for consideration.
The Personal Data Privacy and Security [...]

Image via Wikipedia
Into The Breach; Protect Your Business by Managing People,
Atlanta Business Chronicle reported on Monday, October 26, 2009 that ChoicePoint Inc. will pay federal regulators $275,000 for a data breach in 2008 that compromised the personal information of 13,750 people and put them at risk of identify theft, the Federal Trade Commission reported.
The company, [...]

Image by włodi via FlickrAmericans fear having their identities “stolen” by cybercriminals more than they do becoming victims of a terror attack, getting mugged or having their homes burglarized, according to a new survey released by Gallup, a polling firm.
Stopping Identity Theft: 10 Easy Steps to Security
Identity theft is a crime in which an [...]

Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft
Phishing is a practice of luring unsuspecting Internet users to a fake Web site by using authentic-looking email with the real organization’s logo, in an attempt to steal passwords, financial or personal information. In daily life people advise to retrace your steps when you lose [...]