As application monitoring and troubleshooting becomes more difficult, security professionals are relying on the use of system tools to ease the process. In this tip, contributor Noah Schiffman gives an overview of the new RE:trace framework, and discusses how the tool can be used to discover and exploit application vulnerabilities.
Source: feeds.feedburner.com
Billing records of 2.2 million stolen
The University of Utah Hospitals & Clinics said Tuesday that a metal box of backup tapes containing billing records for about 2.2 million patients and guarantors was stolen from a car belonging to a storage contractor’s employee. The driver for Perpetual Storage violated the storage company’s policies for secure data transport, officials said. The theft, which [...]
The University of Utah Hospitals & Clinics said Tuesday that a metal box of backup tapes containing billing records for about 2.2 million patients and guarantors was stolen from a car belonging to a storage contractor’s employee.
The driver for Perpetual Storage violated the storage company’s policies for secure data transport, officials said. The theft, which occurred June 2, is under investigation by the Salt Lake County Sheriff’s Department, the FBI and the U.S. Postal Service. The University of Utah Hospitals & Clinics is offering a $1,000 reward for return of the tapes.
The billing records included patient names, demographic information and diagnostic codes. Records for a subset of 1.3 million patients also contained Social Security numbers.
Although officials said there is no evidence that the data on the tapes has been accessed, the health care system is notifying the affected individuals, providing them with credit monitoring, and taking additional steps to safeguard its records. It also suspended deliveries of backup tapes to Perpetual Storage pending a review of procedures.
Source: feeds.feedburner.com
TrendLabs warns of fake Microsoft critical updates
The members of TrendLabs’ Content Security Team is warning its customers about a fake email that purportedly comes from Microsoft, urging people to update their systems to correct a critical security issue. The Trend Micro folks admit that the fake notifications email is similar to those sent many times in the past since it’s pretty successful [...]
The members of TrendLabs’ Content Security Team is warning its customers about a fake email that purportedly comes from Microsoft, urging people to update their systems to correct a critical security issue.
The Trend Micro folks admit that the fake notifications email is similar to those sent many times in the past since it’s pretty successful in tricking end-users. Trend shared this image of the fake email. 
Source: feeds.feedburner.com
Lessons learned from TJX: Best practices for enterprise wireless encryption
The TJX data breach revealed all too well the weaknesses of the Wired Equivalent Privacy security model. The retailer's well-documented compromise of more than 94 million credit card numbers proved that intruders can easily take advantage of unprotected networks. In this tip, Mike Chapple reviews some best practices that will minimize an organization's exposure.
Source: feeds.feedburner.com
Stopping malware in its tracks
There's no such thing as a cure-all for stopping malware. Effective malware defense demands a keen attention to detail and careful planning. Expert Lenny Zeltser offers a malware-defense blueprint every enterprise can follow, plus plenty of free tools to help along the way.
Source: feeds.feedburner.com
