
Security Extra


HSBC Bank loses 370,000 personal customers' details on CD

Just as it starts to go quiet on the “data loss on cd” front, HSBC has admitted that a disk containing the personal details of 370,000 customers was lost four weeks ago after being sent by courier from the bank’s offices in Southampton. The customers’ details included their names, dates of birth, and their levels of life insurance cover, though they did not include addresses or banking details.

This is the latest in a run of data security breaches where disks, laptops and memory cards have been lost. In the most spectacular example yet of data loss, HM Revenue and Customs (HMRC) lost some computer discs while in transit between London and Newcastle. These contained the entire child benefit data …




The next generation of secure email delivery

Email has evolved into one of the most important methods of communication in the business world today, enabling organisations to share information and interact with customers, employees, clients and partners. However, the growth of email traffic has been matched by an increasing security threat, and email has become a serious potential weak spot in corporate IT systems. As a number of high-profile cases in recent months have demonstrated, the exposure of an organisation’s most sensitive information can result in financial loss, legal ramifications, and brand damage.

Securing email communication, therefore, has to be a priority for any IT department, especially as email, no matter how well protected, is more easily hacked than well-secured web sites. Traditionally, the only way organisations have been able to guarantee that the content of their emails is not intercepted in transit between email servers has been to encrypt the contents using public key infrastructure (PKI). This uses a public key to encrypt or "lock" a message, so that only the complementary private key can be used to "unlock" it.


PBX systems being hit by buffer overflows

You may soon find your computerised telephone switchboard (PBX) hit by a new wave of security flaws, according to a report by Fortify Software.

The news follows reports from the MU Security Research Team about security flaws in the Asterisk range of IP-PBX software applications, which a growing number of companies are using to computerise their switchboards and take advantage of low-cost Internet telephony calls.

“Recent reports suggest that as many as 50 per cent of major companies are using Internet telephony services as a way of cutting their telecommunications costs, but our analysis is that they also need to review their IP telephony security arrangements as well,” said Rob Rachwald, Fortify’s director of product marketing.

“The buffer overload problem in the …


US Hannaford stores hit by major card fraud

A potentially major security breach has resulted in the details of around 4.2 million credit and debit cardholders being revealed in the US, with 1,800 fraud cases resulting so far.

“The case is interesting, as it appears that the card numbers were stolen during the card authorization process,” said Calum Macleod, European director of Cyber-Ark.

“The security breach is reported to have affected more than 270 stores in the Hannaford chain across the US, as well as a number of independent stores that sell Hannaford products,” he added.

According to Macleod, the company is reported to be aware of around 1,800 cases of card fraud as a direct result of the breach, but, he said, there are almost certainly more in the …


Security Web 2.0: Open Season for the Attackers?

Sandy Hawke, Director of Product Marketing at Blue Coat Systems (www.bluecoat.com), discusses the challenges in balancing user expectations and corporate security.

The Web is quickly becoming a participatory medium, with users contributing, communing, and building. The downside of this ubiquitous user participation is a new slew of security threats many IT professionals have yet to fully grasp.

For a number of years, the Web was a relatively one-dimensional experience characterised by the delivery of static HTML pages within a one-way client-server environment – with little direct user involvement. The security threats were and are real. But Web 2.0 is a different animal. Web 2.0 is a participatory client-server environment of social networking, bookmarking, media-sharing sites, blogs, wikis, P2P networking, AJAX-generated applications and RSS feeds – …