DISC InfoSec blog

Telus, a Canadian national telecommunications company is looking into whether employees’ data as well as the source code for the system were stolen and then sold on a dark web marketplace. Subsequently, the threat actor published screenshots that appear to depict the company’s payroll data and private source code repositories. “We are investigating claims that a small amount of […]

Third-party risk assessments are often described as time-consuming, repetitive, overwhelming, and outdated. Think about it: organizations, on average, have over 5,000 third parties, meaning they may feel the need to conduct over 5,000 risk assessments. In the old school method, that’s 5,000 redundant questionnaires. 5,000 long-winded Excel sheets. No wonder they feel this way. The reason why […]

August 2022 has been a lesson in being careful with whom you provide sensitive information. In a month that saw the former US president accused of misappropriating classified government documents, there were also a spate of malicious insiders compromising their employer’s systems. Meanwhile, the bastion of password security, LastPass, announced that its systems had been […]

The Current Authentication Landscape To authenticate a user means to verify that the user is genuine. Classically, the way to authenticate a user is to request their login credentials and ensure those credentials match the credentials stored in your directory service or authentication server. The full history and background of authentication is more complex, but that’s the […]

Luke Irwin  1st December 2021 In November, we discovered 81 publicly disclosed cyber security incidents, accounting for 223,615,390 breached records. With one month left in 2021, the annual total running total of compromised records is to just shy of 5 billion. Keep an eye out for our end-of-year report in the next few weeks, where we’ll […]

The ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 million during the COVID19 pandemic. IBM Security presented today the annual study “Cost of Data Breach,” conducted by Ponemon Institute…

Read Forbes Technology Council list nine things that can impact cybersecurity on Forbes : From the Equifax breach this past September to the recent hack of MyFitnessPal data through Under Armour, the number of high-profile cyberattacks has continued to climb in recent months. Every company, regardless of size, must be prepared for the possibility that they […]

Cyber attacks have become a regular occurrence in the last few years; in fact, you can’t turn the news on without some mention of a business suffering an attack. Most attacks are fuelled by criminals looking to steal valuable information, but what type of information is being stolen? According to a report by Veracode, the […]

July 22nd, 2013 by Lewis Morgan  I overheard a conversation the other day, one which left me so stunned that I’ve decided to write about it…. Two men having dinner behind me (I got the impression they were both directors) were discussing the £200k fine the NHS received for losing patient data. Eventually, the conversation […]

By Doug Woodburn Rival SecurEnvoy claims channel partners are being inundated with calls from panicked RSA end users in wake of security attack RSA Security ‘s customer-data breach has sparked “panic” among the vendor’s customers and channel partners, according to rivals. In an open letter to customers posted on RSA’s website yesterday, executive chairman Art […]

Image by Agathe B via Flickr Prepare now to prevent a ‘security breach’: 45 states and the District of Columbia have laws spelling out procedures when personal information has been … article from: New Hampshire Business Review By David Scott It’s rather interesting to monitor what’s happening in the UK right now. Data protection legislation […]

Another stolen laptop puts thousands of people’s personal data at risk but this time it’s the caregivers — not the patients — who are at risk. November 6, 2009 By Larry Barrett: More than 10,000 physicians’ and dentists’ personal data was exposed last week in New Hampshire after an employee at Anthem Blue Cross and […]