UPDATE – In an attempt to reign in the tendency of indifference toward consumer privacy among mobile application developers, California Attorney General Kamala D. Harris today made public a list of guidelines regulating the ways in which mobile application developers and technology companies handle user data and educate users about what they intend on doing with that data.
Browsing Category: Compliance
In a closely watched case, a federal judge today ruled against a high school sophomore who refused to wear a student ID embedded with a radio frequency chip that tracks students’ movement on campus.
An Idaho non-profit hospice has been fined $50,000 for losing a laptop containing unencrypted data on 441 patients.The laptop was stolen in February 2011 from a hospice worker’s car and never retrieved, according to news accounts. But Hospice of North Idaho officials say there is no evidence the personal information has been used to commit identity theft or fraud.
In an alert issued by the Office of the Comptroller of the Currency (OCC), Deputy Comptroller for Operational Risk Carolyn G. DuChene warned financial and other critical institutions about the wave of ongoing distributed denial of service (DDoS) attacks targeting their networks. DuChene is urging the banks in particular to share data about the attacks with one another and reiterated the OCC’s expectation that banks have risk management plans designed to mitigate such attacks in place ahead of time.
Dennis Fisher talks with Chris Soghoian, a principal technologist at the ACLU, about the developing market for buying and selling exploits and vulnerabilities. Soghoian has been a vocal critic of exploit sales and in this podcast he discusses the reasons why and why he thinks the policymakers in Washington need to get involved.
In an exclusive report, Bloomberg News outlines a month-long, systematic attack on Cola-Cola’s computer systems that may have influenced the failed $2.4 billion acquisition of a Chinese juice company.
The FBI knew about it. Coca-Cola knew about it. But shareholders were kept in the dark.
Microsoft announced Wednesday it will tweak the release of its forthcoming Windows 8 operating system to comply with the European Commission, which argues that in its current state, the software fails to offer customers a browser choice screen to let them “easily choose their preferred web browser.”
Dennis Fisher talks with Gary McGraw of Cigital about the release of the BSIMM4 data, how software security programs have matured in the last four years and how the government has become distracted by cyberwar and is ignoring software security, to its detriment.
By Andrew Storms
Let’s be clear, SAS70 should be sentenced to a quick and painful death in the bottom of a giant pit protected by 20-foot thick concrete walls where it should be buried forever, along-side other IT criminals such as Windows ME and IE6.
There’s been a huge jump in malicious, web-based infections targeting companies in the last year, a nearly 400 percent increase from last year, according to research released today by network security company FireEye. The company’s “Advanced Threat Report – 1H 2012,” blames the jump on attackers’ ability to penetrate organizations’ usual security infrastructures.