Software Integrity Blog

Archive for the 'Data Breach Security' Category

 

Advances in healthcare security since the Anthem data breach

The Anthem data breach in 2014–2015 was the largest healthcare data breach ever. But healthcare cyber security has improved since then.

Posted in Data Breach Security, Healthcare Security & Privacy

 

Security lessons from the House Oversight and Government Reform Committee

The U.S. House Committee on Oversight and Government Reform has more than a few things to say about responsible enterprise application security.

Posted in Data Breach Security, Open Source Security

 

Things get ‘seriously’ insecure yet again for Facebook

Facebook CEO Mark Zuckerberg has had to use variations of the word “serious” a lot over the past year—most notoriously regarding the social media giant’s sale of member data to Cambridge Analytica, which was viewed as affecting the 2016 presidential election.

Posted in Data Breach Security

 

These hacks brought to you by ‘leaky’ APIs

Leaky APIs expose customer data for free to anyone who knows the URL. What are you doing to protect your customers from hackers targeting your APIs?

Posted in Data Breach Security, Web Application Security

 

SingHealth hit with ‘unprecedented’ cyber attack

In the SingHealth cyber attack, it took attackers a week to steal the personal data of 1.5 million people, about a quarter of the city-state’s population.

Posted in Data Breach Security, Healthcare Security & Privacy

 

GDPR raises the stakes on data breaches

Another week, another list of data breaches resulting from vulnerabilities in third-party contractors for high-profile companies.

Posted in Data Breach Security, Software Compliance, Quality & Standards

 

Timehop breach provides GDPR response template

The Timehop breach disclosed 21 million individuals’ account information. And now we know what public disclosure of a breach might look like under GDPR.

Posted in Data Breach Security, Software Compliance, Quality & Standards

 

Security IRL at RSA Conference 2018

We took the opportunity at RSA Conference last month to survey our booth visitors about their organizations’ application security programs. We’ve sponsored and conducted a number of surveys on topics ranging from DevSecOps to open source security to medical device security, but there’s something about collecting feedback from conference attendees in person that really hits home—a glimpse into security IRL, if you will.

Taking a look at security IRL

Most attendees (78%) reported direct roles in cybersecurity, risk management or software engineering, representing a wide range of industries. Some of the findings were far from unexpected. For example, 40% of respondents cited a lack of skilled security professionals as the biggest challenge in implementing their application security programs. We also found that a startling number of respondents didn’t even know whether their organizations were the target of a cyber attack in the last two years.

Posted in Data Breach Security

 

How does the TeenSafe data leak present a classic false sense of security?

Security researcher Robert Wiggins recently uncovered a serious security issue in the TeenSafe “secure” monitoring product for Android and iOS platforms.

Posted in Cloud Security, Data Breach Security, Software Architecture & Design

 

Office 365 email protection gets blindsided

Maybe you could call it two-factor fakery.

Posted in Data Breach Security