Endpoint Protector just launched the new versions for Ubuntu and openSUSE of its Device Control and Data Loss Prevention solution, Endpoint Protector 4. With the new launched version, Endpoint Protector is virtually platfom-independent.
Endpoint Protector 4 is available as Hardware and Virtual Appliance, with support for Windows, Mac OS X and Linux Ubuntu 10.04 LTS and openSUSE 11.4. The data and device security solution ensures a complete and proactive protection against both inside and outside threats for organizations in an easy, but highly efficient manner with seamless integration and no operating system constraints. For more details, please visit: http://www.endpointprotector.com/en/index.php/products/endpoint_protector
The European Union is planning to create and launch a European Cybercrime Centre by January 2013. The centre, a proposal of the European Commissions, will operate within Europol, the continent’s police agency and will deal with online banking fraud, attacks against smartphones and other large scale types of attacks which are directed against public services and infrastructure. Read more
The mobile industry is no longer thriving, as it has reached a critical point due to the security concerns raised by companies trying to integrate mobile computing into their overall security framework. A fresh survey on mobile security shows this type of devices represents a critical business tool, boosting creativity, but their malfunctions or security threats need to be avoided and carefully managed.73% of organizations reported visible efficiency increases due to integrating mobile computing into business operations and processes, according to the mobile industry study that queried over 6200 IT decision makers. Read more
People who use social networks and smartphones can easily become victims of identity fraud, as shown in the 2012 identity fraud study carried out by Javelin Strategy & Research.
The US number of victims was 13% higher more than 11.6 million adults have fallen pray to identity fraud, yet the average dollar amount stolen in these incidents was about the same as the previous year. Consumers whose personal information has been compromised by corporate data breaches were the most likely victims. Persons who have received notifications of a data breach affecting their personal data are 9.5 times more likely to experience identity fraud than those who did not receive such a notification.
Javelin also tracked users’ online behavior to see its impact on identity fraud. “LinkedIn, Google+, Twitter and Facebook users had the highest incidence of fraud, although there is no proof of direct causation”. The survey also showed users ignore warnings about social networks being heavily used by fraudsters and are still sharing a significant amount of personal information that might be used to steal their identities. One of the examples quoted in the report was business social network LinkedIn where people connect with strangers without reading carefully or paying attention to of what they are really doing.
7% of smartphone users became victims of identity fraud last year, showing a 33% higher incidence rate compared to the general public. A good way to prevent such breaches for smartphone users is to have passwords on the home screen (the study shows 62% of mobile users fail to set one), to block access to information stored on the phone. Another safety measure to prevent identity fraud is to never tick the “remember password” button to save the information on their mobile device (32% users do this). Mobile users should also never accept the invitations of strangers or use the GPS tracking locations.
A data breach caused when an Office for Nuclear Regulation official lost an USB memory containing details about safety tests at the Hartleport power plant is currently being investigated by the authorities. While the memory stick was caring only safety “stress-test” not “significantly sensitive” data, none of the files stored had been encrypted. The stress tests the lost portable device stored are currently being carried out at European nuclear power plants in an attempt to prevent future disaster, like the nuclear disaster at Fukushima power plant caused by the Japan earthquake last year.
According to an official ONR statement, the reports contained by the memory stick would have been made public after their completion, yet the office completely forbids the use of unencrypted devices for transporting documents with security classification. This means that the official responsible for the breach has broken ONR security regulations. The Hartlepool plant, operated by EDF Energy, confirmed the lost USB stick did not have important data. They also mentioned that when they would have been published, the results of the tests would have been less detailed. Read more
99% of small healthcare organizations in North America suffered a data breach in the past 12 months and more than 70% do not have enough budget to invest in risk management solutions to be able to comply with legal requirements and industry standards. These are the key findings of a new survey by the Ponemon Institute.
The Ponemon Institute surveyed more than 700 IT and administrative professionals in healthcare organizations that employ a maximum 250 people.
“Cybercriminals are hunting for medical records,” said Larry Ponemon, chairman and founder of Ponemon Institute. “The most serious issue is just the complacency small healthcare providers seem to exhibit with respect to securing patient records.” Read more
Highly experienced professionals are very hard to find, as enterprises have to go through lengthy processes to hire security experts who, although very experienced, are rather rare. Organizations that work with more than 2000 members report increases in salary and number opportunities to grow and ascend for trained and experienced security professionals, despite the slow economic environment. These are the key findings of the (ISC)2 2012 Career Impact Survey.
According to the survey, 96% of security professinals are currently employed and only as low as 7% of information security professionals were unemployed at any point during the last year. Moreover, over 70% or respondents received a salary increase in 2011 and more than half expect to receive an increase in 2012. More than half of those who changed jobs said they did so because they had opportunities for advancement. Read more
To improve British police abilities to prevent growing cybercrime, UK authorities established three regional e-crime fighting units in Yorkshire and the Humber, the Northwest and in East Midlands, each having a team of three dedicated police officers.
They will work side by side with the Metropolitan Police Central e-crime Unit. The establishment of regional offices is part of the UK government’s plan to spend 30 million ponds over four years to improve the country’s ability to investigate and diminish cybercrime. Read more
Law enforcement agencies worldwide are getting better at catching cybercriminals, scoring some big cybercrime busts and getting better at detecting and investigating data breaches. Officials worldwide detected five times as many breaches in 2011 as in 2010, according to new data in the Trustwave’s 2012 Global Security Report. About 33% of organizations with data breaches discovered the incidents when alerted by law enforcement, up from 7% in 2010. These good results for law enforcement are mostly powered by the work of the U.S. Secret Service, Interpol, the Australian Federal Police, and the U.K.’s Serious Organised Crime Agency (SOCA).
Only 16% of victim organizations detected hacking incidents on their own in 2011, while the other 84% only discovered them when alerted by outside entities, such as law enforcement, regulatory bodies, or a public venue. When analyzing the circumstances of the hacks discovered by third parties, it’s been discovered attackers had been active within the victim organization’s network for an average of 173.5 days before being detected. Read more
Stolen hardware, and particularly laptops, is still a very common cause for data breaches, especially when it comes to hospitals and other healthcare companies. Three recent incidents have all involved patient details being exposed to identity theft, fraud and other risks, after being taken together with laptops held in medical offices.
While in some cases the stolen portable computers happened to be password protected, none of them had been encrypted to better prevent access to stolen private records. Read more