Endpoint Protector Appliance: Stop data theft on Windows and Mac

Recycling taken to the next level – theft of private files ignites investigation

September 30th, 2010 by Agent Smith (0) Data Theft & Loss

A data and privacy breach comprising more than 33,000 patient records, of patients housed at he Martin Luther King, Jr. Multi-Service Ambulatory Care Center (MLK-MACC) in South Los Angeles has been reported by the he Los Angeles County Department of Health Services (DHS) and the Los Angeles County Sheriff’s Department (LASD) and restulted in a suspect being arrested.

The files in question, which have been stored in a secured and locked location have been reported missing on July 29. An immediate search of MLK-MACC campus has been launched for the missing files. Read more

How to Stop Conficker/Stuxnet in four easy steps – Advisory by CoSoSys

September 28th, 2010 by Agent Smith (1) endpoint security,In the News,Malware Infections

As some of you may know, the Stuxnet worm (and Conficker) has been running amok on both private and corporate networks. The malware spreading via USB devices is always the source of new threats. The latest development of Stuxnet exploits zero day vulnerabilities to target supervisory control firms and data acquisition (Scada) and other industrial systems. Such systems are being used to control pipelines’ pressure or motor work rates on industrial factory floors. Typical environments can be oil pipelines and power-plants, factories etc.

Endpoint Security and Device Control Solutions with low TCO and great ROI.

Conficker/Stuxnet detects platforms with Scada systems installed on and uses Windows vulnerabilities to gain access and spread through the network. In the light of current events and the continuous spread of the worm through USB ports and USB portable devices, endpoint security and data loss prevention solution developer CoSoSys has created a four-step strategy against Stuxnet that’s extremely easy to implement: Read more

Former Hospital Employee Sells Patients’ Private Data

September 24th, 2010 by Agent Smith (0) Data Theft & Loss,Laws & Standards

Federal prosecutors have stated that a former employee of the University of Pittsburgh Medical Center has been indicted for the alleged theft of patient data. This is the first HIPAA-related prosecution in Western District of Pennsylvania.

Paul C. Pepala, 34, of Monroeville, PA, faces 14 counts related to the alleged disclosure of patients’ data for personal gain in February 2008, when he was an employee at UPMC Shadyside Hospital. The indictment lists Pepala as the sole defendant. Read more

The employee: an essential cog in the security machine

September 22nd, 2010 by Agent Smith (0) In The Spotlight

Last week, a worm called “Here you have” has started spreading. Among the first targeted companies was Intel. The damages were minor, in part because of the companies traditional defenses, but mainly because of well trained employees.  Malcom Harkins, chief information security officer at Intel states that the employees started calling IT as soon as they saw the worm.

“The employee base saw it, they reacted really quickly, and helped us contain it by alerting us to it and then telling others not to click on it,” Harkins says.

Due to the fact that mobile devices nowadays allow more and more people to work from virtualy anywhere, companies need to start treating their employees as security partners. Read more

Stuxnet Worm: New threat targets Scada Systems and other industrial environments

September 20th, 2010 by Agent Smith (1) In the News,Malware Infections
Research in the area of malware has revealed a new and sophisticated threat that targets and exploits four zero-day vulnerabilities in an attempt do disrupt industrial systems. The new threat is caused by an older malware, the Stuxnet worm which appeared for the first time in July and was spread via USB devices. It now seems that it has been designed to target supervisory control firms and data acquisition (Scada) systems.

These systems have a mainly industrial usage. They are being used to control pipelines’ pressure or motor work rates on industrial factory floors. Typical environments can be oil pipelines and power-plants, factories etc. Read more

UK cost cutting trend affects information security spending

September 16th, 2010 by Agent Smith (0) In the News,Research and Studies

Although C-level management recognizes the importance of information security, companies all around the UK plan to reduce their information security costs. This rumour is backed up by a survey released by PricewaterhouseCoopers (PwC), which states that budget increases for information security costs is a priority for less then one third (31%) of the UK-based companies. The international average is 52%.

Endpoint Security and Device Control Solutions with low TCO and great ROI.

The importance of strategic approach to information security has been increasingly understood by the majority of senior levels despite stringent budget and cost reductions. A statement by William Beer, director of PwC’s OneSecurity practice, shows that high profile incidents in this field, such as the one that led to a fine of £2.3m payed by Zurich Insurance have helped the earlier mentioned senior levels to acknowledge the importance of information security. Read more

7,000 CCNY Students Affected by Data Breach Exposing Sensitive Information

September 15th, 2010 by Agent Smith (0) Data Theft & Loss,Identity Theft,security breach

Panic grows among 7,000 students that are attending City College of New York as this week they have been notified by the school’s officials that a laptop theft may cause public exposure of their private details, including names and social security numbers.

The computer was stolen a couple of weeks ago, according to a post published by the Educational Security Incidents (ESI) blog. The data of the computer was not encrypted, but only password protected. CCNY officials found no evidence that any of the data has been used for identity theft or other illegal endeavors. Read more

Manchester Police Denies Ownership of lost USB stick with Classified Information

September 9th, 2010 by Agent Smith (0) Data Encryption,Data Theft & Loss,security breach

An USB stick belonging to the Manchester Police and containing over 2,000 pages of highly-sensitive and confidential information has made is way to the Daily Star news room, after apparently being dumped in the street close to the Stalybridge police station near Manchester. According to the Daily Star, the files stored on the memory stick contained anti-terrorism information, including strategies for acid and petrol bomb attacks, blast control training and the use of batons and shields.

“Describing its contents as “an essential reference for all officers”, it goes on to outline methods to combat football violence, riots, public disorder and how to deal with violent people when entering a room.
Produced by the National Police Improvement Agency, the files, bearing the title Manual On Guidance Of Keeping The Peace, cover all aspects of counter terrorism and “tactical deployment”.

The Greater Manchester Police replied the Daily Star accusation by refusing to confirm the ownership of the memory stick. Read more

Data breach leads to loss of details of over 8,300 P.K. Yonge employees, students

September 2nd, 2010 by Agent Smith (0) Data Theft & Loss

A laptop computer stolen last month endangered the personal information of over 8,300 current and former students and employees of P.K. Yonge Development Research School, a kindergarten-through-grade-12 laboratory school affiliated with University of Florida’s College of Education.

The files stored on the stolen laptop contained employee payroll, employee parking permit and student information dating back to 2000, along with names, Social Security numbers and, in some cases, Florida driver’s license numbers. PK Yonge officials have confirmed that no student academic or medical records, nor any credit card details, were on the computer. Read more