illurity-logo
Log in

Site menu:

Categories

Tags

Site search

September 2018
M T W T F S S
« Dec    
 12
3456789
10111213141516
17181920212223
24252627282930

Links:

Archives

National Breach Notification Laws

As a follow-up to a post from February 2009, I’m mostly happy to comment on the recent progress that’s been made toward the establishment of National breach notification laws. As reported on November 5, 2009 by GovInfoSecurity.com, “the Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify […]

Fooled by Information Asymmetry

On July 24, 2009 Trina Thompson sued her alma mater, Monroe College for the full cost of her tuition after graduating with a bachelor of business administration degree in information technology. Why? Because she couldn’t find a job. Before sympathizing with Thompson’s claim that “they [the counselors] have not tried hard enough to help me”, […]

Rumors and Preparedness

There are rumors circulating around SANS and full-disclosure circles that there is a 0day SSH exploit in the wild that might be announced sometime around the upcoming Black Hat event. Whether or not it is true is to be seen, but beyond the question of “is it or isn’t it,” it’s interesting to consider the […]

Determine the scope? How?

Not a month after the Heartland breach, we now have reports of another malware-driven payment system breach of as-yet unknown proportions. Despite the proliferation of anti-threat devices and well-intentioned compliance programs such as PCI, we continue to see an increase in the number and cost of reported data breaches. The ITRC reported 656 breaches in […]