data breach

Patching your business, Yahoo breach, Google Glass, DDoS-for-hire - 60 Sec Security [VIDEO]

Our 60 Second Security videos are back!

We're aiming for a weekly roundup that's quick, fun and useful.

But there is a serious side: security anecdotes to use in your own "elevator advocacy."

"Casher crew" from global $45m cyberheist busted in New York - 1 dead, 7 face trial

When you think of cybercrime, you probably imagine a hacker sitting far from his victims, breaking in digitally from a distance.

But when it comes to cashing out the proceeds of your crime, it's a question of "Go where the money is...and go there often."

SSCC 108 - WW2 crypto, Bitcoin mining, internet cameras, password breaches [PODCAST]

Chester calls home from Interop in Las Vegas to record the latest episode of the Sophos Security Chet Chat.

Join Chester and guest Paul Ducklin in their regular quarter-hour podcast as they laugh about (and lament) the latest goings-on in the world of computer security.

Monday review - the hot 20 stories of the week

Catch up with all the security news from the last seven days - it's weekly roundup time.

50,000,000 usernames and passwords lost as LivingSocial "special offers" site hacked

LivingSocial, the online offers site owned in largish part by Amazon, has just emailed its userbase, said to be 50,000,000-strong, to fess up to a data breach.

Another day, another shed-load of password hashes in the hands of crooks....

How effective are data breach penalties? Are ever-bigger fines enough?

Since 2011, data security company ViaSat UK has spiced up the Infosecurity Europe conference by filing a Freedom of Information request for data breach statistics.

In previous years they've fallen out with the regulators over the matter, but things turned out better in 2013...

Scribd, "world's largest online library," admits to network intrusion, password breach

San Francisco-based document sharing site Scribd has admitted to a network intrusion.

Details are scant, but fortunately a notification published by the company suggests that no more than 1% of users are at risk...

American retailer Genesco sues Visa, demands $13m in PCI-DSS data breach fines paid back

Genesco, a massive American retailer, suffered an intrusion by cybercrooks in 2010. It was subsequently "fined" over $10m by the payment card industry.

Now it wants its money back...

Questions and answers about the Twitter hack

Everything you need to know about the Twitter hack, and how you should respond to it - in simple English.

Twitter hacked, at least 250,000 users affected: what you can do to protect yourself

Twitter is the latest web property to admit that intruders seem to have been wandering around its network for some time.

Paul Ducklin investigates and offers some advice on what to do next...

OKCupid app, Crazy Blind Date, peeks into your privates

A bug in OKCupid's recently released Crazy Blind Date application allowed complete strangers to paw at users' data.

Report: 94% of US hospitals suffered data breaches, and 45% had quintuplets

Competent healthcare providers are great at medical things.

Securing electronic devices or health records? Not so much, the Ponemon Institute finds.

Australian Defence Force Academy in stinkingly bad password breach

The Australian Defence Force Academy is the latest high-profile organisation to become embroiled in a data breach.

The breach revealed names, birthdates, and some...well, some stinkingly bad passwords. Find out more...

FreeBSD shutters some servers after SSH key breach

FreeBSD has announced a smallish system compromise.

The FreeBSD administrators took a bunch of servers offline to investigate, and published a blow-by-blow account of what they know about the breach so far.

IP theft attacks can hide on networks for years, unspotted by corporate victims, report claims

Organizations in the financial services and public administration sectors are the primary targets of sophisticated attacks aimed at stealing intellectual property, with attacks involving both external and internal agents and lasting for months or years, according to a new report from Verizon.

Security spill at the IEEE

IEEE squirms after sensational security spill

By its own account, the IEEE is the world's largest professional association for the advancement of technology.

Not quite the organisation you'd expect to store 100GB of HTTP logs in a world-readable, internet-facing directory.

Cancer Care Group leaves unencrypted server backups in car, loses data on 55,000 patients and staff

Indiana-based Cancer Care Group has lost server backups with data on 55,000 patients and staff from a parked car.

We have to ask, "Why would anyone, ever, leave an unencrypted laptop unattended in a car?"

Dropbox two-factor authentication available to early adopters

A few weeks ago, Dropbox reported a data breach and promised two-factor authentication as part of its security response.

The good news is that the company is already starting to deliver on that promise...

Anonymous hacktivists steal AAPT customer data in data retention protest

Internet security and privacy are enjoying a spirited public airing in Australia today.

The wires are abuzz with claims that hackers stole 40GB of data from an ISP in protest against proposed new data retention laws.

US Senate proposes national data breach notification act

A new bill has been brought before the US Senate that would unify data breach notification laws across the United States. Read on for what's protected and how it would work.