category

data leakage

Data leak dangers: Know your weak spots

When it comes to data leaks, what are the major weak spots you need to be looking out for? This feature explores three common causes.

Digital patch kit: How to protect yourself from data leaks

Knowing where your weak spots are as organization is important, as is ensuring that you actively do everything you can to stay secure from data leaks.

T-Mobile Czech Republic ‘suffers data leak’

T-Mobile Czech Republic has experienced a data leak, affecting 1.5 million of its customers, it has been claimed by local media.

From a drip to a flood: The impact of a data leak

Data leaks, especially from an organization’s point of view, are a huge and growing problem. The impact can be severe, as this feature highlights.

Medical data breach leads to a record cash settlement

California hospital pays the largest sum per plaintiff in history for its inability to secure the patients’ medical data.

5 of the most devastating data breaches of 2015

Data breaches got bigger, brasher and more devastating in 2015. In this feature, we look at how some of the biggest came about and the impact they had.

400GB of info leaked from Hacking Team

The “Hacking Team” Security Company has been hacked and more than 400 GB of confidential info has been leaked by a group of unidentified attackers.

Data breach – European bank’s info “held to ransom”

The European Central Bank has revealed that information including email addresses and contact data has leaked in a data breach – and that the unknown attackers demanded “financial compensation” from the bank in return for not releasing the information, according to the BBC’s report.

Revenue Service breach may have leaked data on 20,000 employees

Personal data for around 20,000 workers for the U.S. Internal Revenue Service (IRS), including names, social security numbers and addresses may have been exposed, after an employee plugged a thumb drive into a computer on an unsecured home network.

Low tech Romney tax return hack could be lesson in physical security

So, we read that one or more hackers claim to have gained access to Mitt Romney’s tax records, reported first in a Nashville paper, then in the tech/business press. The hack allegedly took place at the Franklin office of PriceWaterhouseCoopers just outside of Nashville, and PWC has alleged that no such thing happened. We have

Apache/PHP web access holes – are your .htaccess controls really safe

If your organization’s website runs on Apache, and many do, you might wonder if the webserver’s .htaccess controls are securely configured. If you believe the demo we saw yesterday at Blackhat by Matias Katz and Maximiliano Soler, the answer is a resounding ‘NO!’ What Katz and Soler described in their session is not some rare

Passwords of Plenty*: what 442773 leaked Yahoo! accounts can tell us

If a service leaks your credentials, your options are limited, but changing all your passwords to something harder to guess/break is never a bad idea.

ACAD/Medre.A Technical Analysis

For the story behind the suspected industrial espionage, where ACAD/Medre.A was used, refer to Righard Zwienenberg's blog post. For technical details from analysing the worm's source code, read on. ACAD/Medre.A is a worm written in AutoLISP, a dialect of the LISP programming language used in AutoCAD. Whilst we classify it as a worm, due to

ACAD/Medre.A 10000’s of AutoCAD files leaked in suspected industrial espionage

The malware news today is all about new targeted, high-tech, military grade malicious code such as Stuxnet, Duqu and Flamer that have grabbed headlines. So imagine our surprise when an AutoCAD worm, written in AutoLISP, the scripting language that AutoCAD uses, suddenly showed a big spike in one country on ESET’s LiveGrid® two months ago,

Guarding against password reset attacks with pen and paper

With the recent announcements of password breaches at LinkedIn, and warnings from Google about state-sponsored attacks on Gmail accounts, it seems like a good idea now to review some password security basics.  In this blog post, we’re going to take a look at a rather low-tech solution to a decidedly high-tech problem:  How to guard

The security of unlocking an Android based device, the future is near?

In a recent survey of people in America who use their smartphone for work, less than a third said they employ the password protection on their smartphones. Although everyone will agree that not protecting your smartphone isn’t smart, it is all about memorizing.  Everyone that has an Android-based device knows they do not have to

SKYPE: (S)ecurely (K)eep (Y)our (P)ersonal (E)-communications

SKYPE: Securely Keep Your Personal E-communications From time to time people get new computer equipment and need to (re-)install all their favorite programs. Often a painful and time-consuming job, but afterwards it should ease the way of working with the new equipment. Even security gurus have to undergo this procedure at regular intervals. In November

Windows Phone 8: Security Heaven or Hell?

Introduction Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC counterpart, Windows 8. While Microsoft was an early adopter in the creation of smartphones with

CarrierIQ-style data gathering law to require mandatory notification/opt-in?

As legislators grapple with increasingly vocal smartphone owners concerned with privacy, a new Bill before the U.S. House of Representatives aims to require mandatory consumer consent prior to allowing the collection or transfer of data on such devices. You may recall that a company called CarrierIQ recently became the center of attention after a user

EU – data breaches to be reported within 24 hours

In an escalation of the tendency to require companies to be forthright with their users following a breach, a European Union proposed bill intended to overhaul a 17-year old law is making progress. This week EU will outline the overhaul to the existing rules, hoping to encourage more expedient communication efforts following a breach, in

Follow us

Copyright © 2016 ESET, All Rights Reserved.