The Finnish security provider F-Secure concludes the attack e-mail doesn't look too complicated. In fact, it's very simple. But the exploit inside Excel was a zero-day attack at the time and RSA couldn't have protected against it by patching its systems.
The bright spot is that 36 percent of the takeover incidents reported in 2010 were stopped before fraudulent funds transfers were approved. That's an improvement from 2009, when only 20 percent were thwarted.
Preliminary results of our inaugural Healthcare Information Security Today survey, which is still open for participation, show that only about half of healthcare organizations have a plan in place to comply with the HITECH Act breach notification rule.
"We face a broad threat ... and each consumer has to understand that their part in protecting both their own finances and the financial infrastructure, together, is a very large part," says Ian Harper, Pentagon Federal Credit Union.
Small businesses have room to improve when it comes to fraud prevention. And according to a recent study commissioned by TD Bank, a lack of understanding and apathy are challenges that need to be overcome.
The compliance deadlines are aggressive - but so are today's threats, says Vishal Salvi, CISO of HDFC Bank, discussing the challenges of meeting the Reserve Bank of India's new information security standards.
We're pleased that two members of Congress have asked the Government Accountability Office to study whether federal regulators are adequately addressing the security risks involved in using wireless medical devices.
Experts advise healthcare organizations that are considering using cloud computing to ask vendors tough questions about privacy and security and carefully consider whether they need additional liability insurance coverage to address the risks involved.