Data Security: Social Engineering Still More Effective Than Zero-Day Hacks.

According to a security company’s 100 penetration attempts, most organizations succumb to five attacks, none of which involve malware or zero-day flaws. The top five attacks, according to darkreading.com: abuse of weak domain user passwords — used in 66% of Praetorian pen testers’ successful attacks broadcast name resolution poisoning (like WPAD) — 64% local admin […] read more

HHS Laptop Encryption: Arizona Counseling and Treatment Services Announces Data Breach.

Dissent at phiprivacy.net brings us news that the Arizona Counseling and Treatment Services, located in the city of Yuma, has announced the theft of an employee’s laptop computer with personal patient information.  Although it’s not spelt out, it appears pretty evident that laptop disk encryption for protecting PHI like AlertBoot was not used. When it […] read more

Data Security: Formspring Resets 28 Million Passwords After Hashed Password Leak.

Following the password leaks of LinkedIn, eHarmony, and Last.fm from last month, Formspring, described as a question-and-answer website, has announced and plugged up a password leak.  One differentiating factor: Unlike the earlier data breaches Formspring used proper data security, at least in name only: they first salted their passwords before hashing them. 420,000 Passwords Post […] read more

Mobile Device Security: InfoSecurity Europe Survey Shows 44% Don’t Encrypt.

Paranoia.  It’s one quality that grows in you — if you didn’t suffer from it already —  if you work in the information security space.  But, apparently it doesn’t affect everyone.  A survey was taken among participants of London’s InfoSecurity Europe show last year.  The show being what it is, it’s not far-fetched to assume […] read more

Disk Encryption: Biannual Healthcare Survey Shows Jump In Electronic Device Data Breaches.

A survey by the Healthcare Information and Management Systems Security (HIMSS) organization shows that US healthcare organizations are experiencing increased patient data breaches, fed by the introduction and growth of electronic records.  The use of full disk encryption software like AlertBoot can counter such malignant developments, seeing how laptops and other portable devices account for […] read more