data breach

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Verizon has released their 2009 Data Breach report. I haven't read it yet, but below are a few people's first thoughts on the report.
    Verizon Business Security Blog >> Blog Archive >> The 2009 Data Breach Investigations Report
    Tags: ( reports )
  2. Martin's first pass at the PCI specific portions of the Verizon report.
    Network Security Blog >> Verizon Data Breach Investigation: The numbers say PCI IS important
    Tags: ( reports )
  3. David's first take on the Verizon report.
    Initial Thoughts on the 2009 Verizon DBIR << The New School of Information Security
    Tags: ( reports )
  4. Shrdlu's take on the Verizon report.
    Once more into the breach report.
    Tags: ( reports )
  5. Time to patch those Oracle installations.
    Oracle delivers major security patch update - Network World
    Tags: ( oracle patches vulnerability )
  6. Interesting article on a sneaky way to get a linux rootkit into the kernel.
    New Attack Sneaks Rootkits Into Linux Kernel - DarkReading
    Tags: ( linux rootkit )
  7. Some good thoughts on risk management and what it means.
    Ascension Blog >> Musing on Risk
    Tags: ( infosec risk-management )
  8. A Q&A with Johnny Long whose new website was unveiled recently.
    Q&A: Johnny Long - Christian, Pirate, Hacker, Ninja - Security
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.



Howdy folks.

We are going to try something a little new today.

As you have all probably realized, these posts have all been built from blogger sources to date. I am going to start expanding them to include things I see in the news and from other sources that have infosec applications. As we go forward, I am interested in knowing if you would prefer to have two separate posts or if you like the combined format.

As always, leave a comment with your opinion or email me kriggins _at_ On with the show.

From the Blogosphere.

Jennifer Leggio has a post up on her new blog Feeds at ZDNET (congrats Jennifer) about privacy concerns with Company Groups on Linked. She points out some very real privacy and data leakage concerns for this type of automated grouping.

Richard Bejtlich has a good summary of the Verizon Business 2008 Data Breach Investigations Report which you should go ahead and read.

From the newsosphere.

Via Dark Reading, RSA is introducing a flexible card shaped authenticator.

Via SearchSecurity, The PCI council is launching an assessor quality assurance program. Kinda have to wonder why it has taken this long for something like this to happen.

The Register brings us an interesting article about fraudsters gaming the address verification system in use in the UK for charges.

From congressmen are saying that China is hacking their computers. Of course China is denying it.

Have a great day and remember, let me know which format you prefer, combined or separate.


Technorati Tags: , , , , , , , , ,

{ 1 comment }