September 2010
4 posts
Police charge 11 over Zeus cybercrime scam →
Essex round-up
UK police investigating a suspected Zeus Trojan e-banking fraud ring have charged 11 people with a variety of fraud and money laundering offences.…
EU sues UK.gov over Phorm trials →
We didn’t do nothing
The European Commission is suing the UK government over authorities’ failure to take any action in response to BT’s secret trials of Phorm’s behavioural advertising…
Large companies ignore data centre advice - survey →
Feel the need for it though
Large companies across the UK increasingly turn to independent consultants when they want advice on the design and specification of a data centre. Almost all of them…
Security hole found in top price-comparison sites →
Exclusive: PC Pro investigation reveals price-comparison websites are failing to protect customers’ personal data
August 2010
4 posts
Detective fined for data breach →
A detective is ordered to pay a total of £5,000 after disclosing information from a police computer to a suspected criminal.
Dixons done for dumping customer info in skip →
Do you want identity theft with that?
Dixons has had its wrist slapped for leaving customer details in a skip outside one of its PC World stores.…
Cold callers 'should be banned' →
Three-quarters of people want cold calling to be banned, according to a survey by the consumer group Which?
Averting Disaster Through Disaster Recovery →
Writing that courts have provided little guidance on what actually constitutes a “disaster recovery” backup tape as distinguished from an information archival tape, David Lender and Jason Lichter…
July 2010
16 posts
Data breaches blamed on organised crime →
Hackers feast on financial sector security mistakes
Cybercrooks continue to be a menace to corporate security, with hackers and malware authors collectively responsible for 85 per cent of all stolen…
Thousands of NHS staff stripped of Microsoft... →
NHS staff told to uninstall Microsoft Office on home PCs following end of discounted licensing deal
Is governance the answer to system failure? →
Over at Management Matters, guest blogger Steve Burrows writes of high profile systems failures at Tesco and Barclays in the UK:
These instances, two major private sector failures of…
How Facebook Can Make or Break Your Case →
The first thing attorney Eric B. Mayer does after receiving a copy of an employee-filed complaint — before he reads it — is check the plaintiff out on Facebook and other social networks. “Just…
BlackBerrys pose 'security risk' →
The United Arab Emirates says that it is considering restrictions on BlackBerry phones, as they pose a “national security risk”.
Europe must cut duties on US gadgets →
Set-top box and printer tax illegal, reports
The World Trade Organisation has ruled that EU import duties on certain gadgets imported from the US, Japan and Taiwan are illegal.…
Microsoft renames responsible disclosure →
Coordinated Vulnerability Disclosure still requires researchers to take flaws to vendors first
Assuming Your Company Is Owned... That’s Risk... →
ComputerWorld columnist Roger Grimes recently blogged about “Security Rule No. 1: Assume You’re Hacked.” Roger, in turn, was reacting to a Forbes magazine article written by Richard Stiennon that made…
IT delays cost HMRC £33m →
Tax & pensions system plagued by issues
The National Audit Office (NAO) says that delays to a single tax and pensions system cost HM Revenue and Customs £33m in procurement costs.…
Data watchdog sees record number of breaches →
The data watchdog wants power to jail, but hasn’t yet used its powers to fine
Thieves steal 3,000 laptops from US Special Ops... →
9-hour military operation burglary
Thieves lifted 3,000 laptops from a military contractor for the US Special Operations Command in a leisurely nine-hour robbery back in March, it has emerged.…
Ha ha ha ha ha. RIAA paid its lawyers more than... →
Ray Beckerman / Recording Industry vs The People: Ha ha ha ha ha. RIAA paid its lawyers more than $16,000,000 in 2008 to recover only $391,000!!! — The RIAA’s “business plan” is even…
Bank of America Admits to 'Dollar Rolling' $10... →
Bank of America Corp. has admitted to maneuvering as much as $10.7 billion in debt from its balance sheet and then back again through repurchasing deals that the bank called “dollar rolls.” The deals…
Lost your BlackBerry? Find it on a map →
Free BlackBerry Protect system helps find or wipe missing smartphones
Identity management is a pain in the backside →
Do you work here? And other important questions
Workshop Identity management in the corporate environment is complex - not to mention, at the coalface, a pain in the backside.…
IT insider admits stealing info for 2,000 bank... →
Makes off with $1.1m
A former IT worker for the Bank of New York has admitted to stealing personal information of 2,000 employees and using it to steal more than $1m from charity bank accounts,…
June 2010
12 posts
Privacy watchdogs: Silence isn't cookie consent →
Thumbs up required
Advertisers are wrong to say that websites can comply with a new law governing internet cookies by relying on a user’s cookie settings, Europe’s privacy watchdogs have said. The…
Hack attack targets cash machine jackpot →
Banks face security nightmare as researcher plans to go public on vulnerability
Info Commissioner must justify why stats data are... →
How many sex offenders in your post code?
Sadly, there is more data protection case-law arising from the conflict over requests for personal data made under freedom of information (FOI)…
Twitter Settles With FTC For Privacy Breach →
Organizations continue to face risk for security breaches. Normally, we talk about the risk of security breaches being fines and other costs around loss of PII, per California Senate Bill 1386 and…
Security firms taking days to block malware →
Can you hold on till Friday?
Anti-malware vendors can take up to 92.48 hours to block malicious sites, potentially leaving clients in blissful ignorance of threats to their systems in the…
ICO spanks Kent Police for data loss →
Nicked from car boot
Kent Police has been reprimanded by the Information Commissioner’s Office and has promised to improve policies following the loss of private data from the back of a car.…
FSA: Of course customers don't read contracts →
Silly to expect otherwise
Companies should not reject customer complaints because they ticked a box saying they had read and understood an unfair contract, the Financial Services Authority (FSA)…
GCHQ imposes Whitehall iPhone ban →
BlackBerry secures monopoly
The image of ministers and their advisors hunched over their BlackBerries is set to become an enduring legacy of the New Labour era, as it’s emerged that RIM will…
Fading data could improve privacy →
By making personal data ‘fade’ over time it could be possible to improve privacy online, according to new research.
Police confirm cybercrime budget cut →
Hello, hello, goodbye
The Metropolitan Police have confirmed their budget for battling cybercrime nationally has been slashed by the Home Office.…
FSA warns firms about social media promotions →
Formal ad rules still apply
Financial services firms should keep tabs on their social networking, other internet communications and iPhone apps to make sure that they stay up to date and compliant,…
Should we be encrypting backups? →
It’s about the restore, stupid
Workshop We all know that data protection regulations are gaining teeth. As we discussed before, it is becoming more difficult to keep data losses private, and the…
March 2010
4 posts
IT staff in £33,000 casino theft →
Two IT analysts have received suspended prison sentences for theft from a casino chain where they worked.
HSBC admits huge Swiss data theft →
About 24,000 clients of HSBC’s private banking operation in Switzerland had personal details stolen, the bank admits.
Fraud-prevention service ponies up $12m for... →
Agrees to safeguard customer data
An Arizona company that sells services designed to prevent identity theft has agreed to pay $12m to settle charges it oversold their effectiveness and didn’t…
Banking fraud 'moves to internet' →
Fraudsters are continuing their switch from traditional card fraud to raiding online bank accounts, research suggests.
January 2010
5 posts
Government personal data handling 'better' →
Report smiles on efforts to be less leaky
Measures put in place by the Government to better protect individuals’ personal data have been successful but more work is needed, according to the first…
Judge Heaps E-Discovery Costs on Plaintiff →
In what may signal a sea change in how legal costs are apportioned after trial, a Georgia federal judge has ordered the losing company in a patent infringement action to pay its opponents more than…
How to Strategically Secure IT Remote Support →
Without a strategic vision for remote control security, organizations will continue to fall prey to hackers who take advantage of IT support departments’ growing use of remote access tools. Here,…
Fines of £500,000 for data losses →
New rule could result in significant fines for those found to be breaching the Data Protection Act.
Email Wins Cases →
Many significant cases today are won or lost by email, text messages, and instant messages. These kinds of informal, quick communications are a gold mine of useful information. They often reveal what…
December 2009
7 posts
What to do about virtual server security? →
Process, not technology, holds the key
Lab Security’s important, right? Well, so it may be – but when it comes to virtualisation, it’s not hard to get the impression that it isn’t being treated as…
Google's reCAPTCHA busted by new attack →
Significant success rate
A security researcher has devised a successful attack on a Google-owned system for blocking malicious scripts on web-based email services and other types of sites.…
A Shift In Security & Risk Research →
If you’ve been reading the blog, you’ll notice that “shift” is a common theme here with the Security & Risk team. We believe 2010 represents a shift in how CISOs will support their…
Stolen bank data mixed into list of French tax... →
Swiss bank IT worker turned gov informant under protection
The legality of a French crackdown on suspected tax evaders earlier this year has been thrown into doubt after it emerged that stolen data…
Layers of security: Off to the clouds →
Blogger: Dan Blum
Visualizing the Boundaries of Control in the Cloud, which is Scott Morrison’s post, reprints my previously posted stack diagram that shows how the complexion of…