What are the risks of “public” WiFi? Its not a great question as we do not define what “public” means. Some better questions are: What are the risks of connecting to a WiFi network run by an attacker? What are the risks of connecting to the same WiFi shared with attackers? What are the risks…
thanks to Dave Manouchehri for letting us know about the free parking at TD Place Stadium in Ottawa earlier this week! I wonder if credit card data was at risk? 🙂 Parking is hard. Ad below this line:
Have you ever heard of the supplementary validation for designated entities (a.k.a DESV)? If not, you should be happy. According to the Council’s FAQ for designated entities, “A Designated Entity is determined by an Acquirer or Payment Brand as an organization that requires additional validation to existing PCI DSS requirements. “ Organizations that view PCI…
This is an article based on old (2011) data. I used to have a post about it, but I think I lost it during a hosting provider changeover so I am going to rewrite it here referencing the old data for now. In April 2011, Ponemon (and Imperva) published the results of a study…
The Register has a story about a breach at cloudy service supplier Aptos. Aptos has several cloud services. POS in the cloud. Ecommerce in the cloud (didn’t see that one coming!). etc. The timeline of what happened is: Feb 2016 – There was a breach and malware installed in the cloud. Nov 2016 – Aptos…
Before you read the recently released 2015 Verizon DBIR, you may get some benefit from listening to the April 16th Risky Business podcast episode where Bob Rudis of Verizon speaks about the company’s annual data breach investigation report. He highlights some of the interesting findings for you! Ad below this line:
Quickly remind yourself of all the breaches over time. Who got what where and when in this great dynamic visualization at Information is Beautiful. Ads below this line.
The paper titled “Examining the Structure, Organization, and Processes of the International Market for Stolen Data” will bring you up to date on the value of several forms of stolen data (as of March 2014). The paper was written by Thomas J. Holt and Olga Smirnova and financed by US Dept of Justice. Lots of…
On Aug 27, The SSC has issued a bulletin calling for “immediate action”. And they labelled it URGENT (in ALL CAPS!). Tsk, tsk, if you have not read it yet. The main call to action appears to be “Contact your provider of antivirus solutions and ensure that you have the most recent version that will…
I like the information that the restaurant chain P.F.Chang has provided regarding their POS system data breach. The 33 affected locations are listed and instructions on how to register for an identity monitoring service are included. Other info provided: 1. WHAT HAPPENED? 2. WHEN DID P.F. Chang’s DISCOVER THIS INCIDENT? 3. WHEN DID THIS INCIDENT…
