All Posts By: TeamSHATTER Admin

No Questionable Calls Here: The March Madness Meets Higher Education Data Breach “Brackets” Are Back!

Team Shatter Exclusive

March Madness is here! Yesterday, the NCAA Selection Committee selected 68 teams to participate in this year’s NCAA Division I Men’s Basketball Championship. While fans across the country are sneaking out of the office to watch games, breaking out the ol’ college sweatshirts, and betting Vegas-style, we are joining the fun for the Third Annual Higher Education Data Breach Madness “Brackets.” Just like in previous years, the data breach madness “bracket” is determined solely by the number of reported breaches…

Three Of The Biggest Credit Reporting Agencies Acknowledge Data Breaches

The three biggest credit reporting agencies in the U.S. each have reportedly acknowledged intrusions into their systems following the revelation of personal data, including financial information, of celebrities and prominent figures on a website this week. Executives at Equifax, Trans Union and Experian acknowledged the breach to Bloomberg in a report published Tuesday. Tim Klein, a spokesman for Equifax, told the news agency that a hacker gained “fraudulent and unauthorized access” to at least four consumer credit reports at the…

Evernote Hack Affects 50 Million Users

Tens of millions of online note-takers found themselves worrying about their security Monday, as questions remained about a weekend hack of Evernote. The online note-taking and archiving service began requiring its 50 million users to reset their passwords Saturday after announcing it was the victim of a security breach, making it the latest tech company in recent weeks to fall victim to hackers.

Security Experts Urge State Governments To Up Cyber Security Measures

The email sent to several thousand state employees in early February looked official. It featured the state logo and a familiar warning that email access was about to be cut off because the employee’s inbox was too full. The email invited employees to click on a link to solve the problem. If an employee clicked, a screen popped up asking for more data, including the employee’s name, login and password. It was a classic spear-phishing exploit with the hacker’s…

Zendesk Hack Exposes Twitter, Pinterest And Tumblr Data

Customer service software provider Zendesk announced a security breach that allowed attackers into its system, where they could access data from three customers this week. Wired learned those three clients were Twitter, Pinterest and Tumblr. The San Francisco-based company announced the breach in a blog post published early Thursday night. Tumblr notified affected users in an email at approximately 6:35 p.m. PST; Twitter and Pinterest are expected to do so shortly. Zendesk declined to comment beyond its blog post, titled, appropriately,…

Oracle Database 11g stealth password cracking vulnerability in logon protocol (CVE-2012-3137)

Team Shatter Exclusive

The vulnerability I will describe in this blog post has some aspects that make it especially noteworthy, which are derived from the fact that the issue lies in a critical portion of the authentication protocol. The vulnerability can be exploited in a stealth way, going undetectable because all the attacker needs is information that the Server sends freely as part of a normal authentication process. In addition, the vulnerability is so intimately part of the authentication protocol that it couldn’t…

Tips To Granting Database Access Control Permissions

Posted February 13, 2013 by in Database Security with 0 comments

Database permissions can cause headaches for even the most sophisticated security organizations. Indeed, many of the most persistent problems with malicious or risky database access start before the database server software is even up and running. Why are database access controls so maddeningly complex? In a word, flexibility — the very flexibility that enables organizations to create multiple and interlocking roles can also create a knot of confusion and vulnerability.

Cyber Crime Is Growing, Yet Risk Typically Not Covered By Insurance Policies

Posted January 11, 2013 by in Data Breach, Database Security with 0 comments

In September, the customer websites of Bank of America, Wells Fargo, US Bank, J.P. Morgan Chase and PNC were rendered inaccessible for more than a day by the biggest cyberattack in history, now attributed to Iranian government hackers. Weeks before, online vandals breached security at LinkedIn, stealing the passwords of six million people who frequent the popular business-networking site. Whether companies are the victims of state-sponsored invasions or criminal attacks, one of the scariest threats facing businesses today is hacking—and the…

South Carolina Agencies Still Working On Security Improvements

Months after a foreign hacker broke into the South Carolina Department of Revenue’s computer system, exposing millions of taxpayers’ personal records and causing the state to spend $20 million for added protection, state cabinet agencies are still working on security improvements, an examination by GreenvilleOnline.com shows. Just one of South Carolina Gov. Nikki Haley’s 15 cabinet agencies questioned by the website — the Department of Probation, Pardons and Parole — responded without qualifications that it had the full basic protections…

Security Events In 2012 May Indicate What’s To Come In 2013

For all the apocalyptic prognostications, 2012 turned out to be a relatively uneventful year from an information security standpoint. A cyber Pearl Harbor did not happen. Stuxnet and its kin did not take out any power grids or shut down cities. Mobile threats continued to escalate and malware became more sophisticated, but none were as game-changing in nature as Stuxnet was. While there were still plenty of data breaches, including a handful of big ones, they were much smaller in scope compared…
