Sahba Kazerooni is a senior security consultant with Security Compass, a security consulting and training firm specializing in application security based in New Jersey. He is also an internationally-renowned speaker on security topics, and has provided presentations at security conferences around the world, including...
Organizations often face the task of trying to recover data from water-soaked hard disks or servers that have been flooded by hurricanes, bad weather, or even the sprinklers going off in the branch or building.
Rule one -- don't assume that data isn't recoverable, no matter what it has been through, says Jim...
Everyone was watching the Olympics this past month and saw lots of records being broken. But there is one record no one want to be included in -- the record number of 449 data breaches that have happened (and been made public) and recorded by the Identity Theft Resource Center.
Unfortunately for some unlucky...
The Bank of New York Mellon (BNY Mellon) has announced that the data breach that occurred back in May is much bigger than the 4.5 million records originally announced. The bank now says that another 8 million customers were affected by the breach, bringing the total figure to 12.5 million, which may make it the...
GLBA who? Bank Secrecy what? Insider Threat?...is that something mob-related?
Your customers may not even know your institution is examined for security compliance by the banking regulatory agencies, and so most likely will have never even heard about the ID Theft Red Flags Rule and the impending November 1 ...
So, I'd started my weekly blog entry intending to discuss application security (I'm keenly interested in what the just-released BIS survey is going to reveal) when the following headline came across on my BIS RSS feed "Social Engineering Hits Brit Bank Head, Victim of Fraud."
You'll have to forgive me for being so...
A Wells Fargo bank access code was used to steal the personal information of roughly 5,000 consumers, leading the bank to conduct a full-scale inquiry into the data breach.
Wells Fargo says it was notified on July 1 by MicroBilt, an online consumer and commercial credit bureau information provider, that someone had...
Maybe the Countrywide television ads that constantly run on cable news shows I watch on weekends will now tout, "Finance your mortgage with Countrywide, and have your identity stolen at the same time for mere pennies."
The recent arrest of a former Countrywide employee in the insider identity theft case, where an...
"Whitelisting" is a new twist on information security. Instead of trying to find a software solution that keeps all of the potential bad guys out of your systems, whitelisting allows you to establish a protection layer that grants access to only your finite list of good guys - individuals or applications.
In this...
In the wake of the arrests of 11 hackers tied to the TJX data breach, security experts everywhere are warning of bigger, bolder threats to come.
So, what should banking institutions have learned from TJX-style breaches, and what can they do now to protect their customers and critical financial/informational...
Interview with Cyber Crime Expert Eric Fiterman
In the wake of the arrests of 11 hackers tied to the TJX data breach, security experts everywhere are warning of bigger, bolder threats to come.
So, what should banking institutions have learned from TJX-style breaches, and what can they do now to protect their...
I'm out in the field this week conducting a series of services for one our clients. At the moment I'm heavily focused on completing a draft of a new vendor management program for them to implement. Although we have a standard methodology that's been used by the practice for several years, I've taken it upon myself...
The recent release of a University of Michigan study on the security flaws of online banking websites brings attention to the often overlooked area of web application security.
In this exclusive interview, Jeremiah Grossman of WhiteHat Security shares his insights on the importance of web application security for...
Last month I wrote several articles on GLBA compliance, and I asked several people I know who are fluent in these issues what are some of the most common questions they face on GLBA as a security manager or assessor at the institutions they either work at or are assessing?
During my formative years, I developed a tendency to spend considerable time trying to figure out ways to circumvent the myriad systems teenagers and young adults are confronted with. So much of what was expected of me just didn't make sense, and I didn't want to simply go-along-to-get-along. My father would often...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
