http://www.csoonline.com/article/2928928/disaster-recovery/heartland-issues-breach-notification-letters-after-computer-theft.html

By Steve Ragan
Salted Hash
CSO Online
June 1, 2015

In a letter to the California Attorney General, Heartland Payment Systems has disclosed a data breach impacting personal information. The letter states that the data exposure is the result of a break-in at one of their offices, which included stolen computers.

The notification letter says that the theft took place at Heartland’s Santa Ana, California offices on May 8. The incident involved the theft of many items including password protected computers that might have contained Social Security Numbers and / or banking information that is processed by employers.

“We have seen no evidence suggesting that the data has been accessed on the stolen computers or used in any way, and we have no reason to believe any such use will occur. We have involved state and federal regulatory and law enforcement agencies to assist us in determining how to proceed with the matter at hand,” the notification letter states.

In 2008 Heartland was the victim of one of the world’s first major data breaches that exposed 130 million U.S. credit and debit cards.

[…]
http://www.eweek.com/mobile/wearables-maker-jawbone-sues-fitbit-over-alleged-data-theft.html

By Todd R. Weiss
eWEEK.com
2015-05-28

Wearables vendor Jawbone is suing rival Fitbit based on allegations that Fitbit hired away some Jawbone employees who then took confidential corporate information with them to their new jobs.

The lawsuit, which was filed in California State Court in San Francisco, charges that Fitbit employees were “systematically plundering” confidential information by hiring the former Jawbone workers, who “improperly downloaded sensitive materials shortly before leaving,” according to a May 27 report by The New York Times.

“This case arises out of the clandestine efforts of Fitbit to steal talent, trade secrets and intellectual property from its chief competitor,” Jawbone lawyers wrote in the complaint, according to the story.

The lawsuit comes at an interesting time for Fitbit, which earlier in May filed for an initial public offering. The company has been in the business of creating and selling a full line of health tracking and fitness bands since 2007.

[…]
Cool Vendors in security intelligence offer highly innovative technologies that address an organization’s demand for data-driven analytics, techniques in obfuscation and deception, and advanced detection solutions. CISOs should use this research when evaluating technology trends for planning. … illusivenetworks.com ) Analysis by Avivah Litan and Lawrence Pingree Why Cool: Illusive networks offers advanced attack deception … California ( trapx.com ) Analysis by Craig Lawson, Lawrence Pingree and Oliver Rochford Why Cool: TrapX Security is …
Gartner clients can access this research by clicking here.
This research looks at various segments relevant to Imperva — Web application firewalls (WAFs), data-centric audit and protection (DCAP), cloud security, and cloud access security brokers (CASBs) — to provide the reader with the ability to assess the company’s prospects. Based in Redwood Shores, California, Imperva provides hardware and software cybersecurity solutions designed to protect data and applications in the cloud and on-premises. Customers use these solutions to discover assets and risks, protect information, and comply with regulations. …
Gartner clients can access this research by clicking here.
http://krebsonsecurity.com/2015/05/foiling-pump-skimmers-with-gps/

By Brian Krebs
Krebs on Security
May 4, 2015

Credit and debit card skimmers secretly attached to gas pumps are an increasingly common scourge throughout the United States. But the tables can be turned when these fraud devices are discovered, as evidenced by one California police department that has eschewed costly and time-consuming stakeouts in favor of affixing GPS tracking devices to the skimmers and then waiting for thieves to come collect their bounty.

One morning last year the Redlands, Calif. police department received a call about a skimming device that was found attached to a local gas pump. This wasn’t the first call of the day about such a discovery, but Redlands police didn’t exactly have time to stake out the compromised pumps. Instead, they attached a specially-made GPS tracking device to the pump skimmer.

At around 5 a.m. the next morning, a computer screen at the Redlands PD indicated that the compromised skimming device was on the move. The GPS device that the cops had hidden inside the skimmer was beaconing its location every six seconds, and the police were quickly able to determine that the skimmer was heading down a highway adjacent to the gas station and traveling at more than 50 MPH. Using handheld radios to pinpoint the exact location of the tracker, the police were able to locate the suspects, who were caught with several other devices implicating them in an organized crime ring.

[…]
http://www.nextgov.com/defense/2015/04/heres-how-you-hack-drone/111229/

By Aliya Sternstein
Nextgov.com
April 27, 2015

Research studies on drone vulnerabilities published in recent years essentially provided hackers a how-to guide for hijacking unmanned aircraft, an Israeli defense manufacturer said Monday.

A real-life downing of a CIA stealth drone by Iranians occurred a month after one such paper was published, noted Esti Peshin, director of cyber programs for Israel Aerospace Industries, a major defense contractor.

In December 2011, the Christian Science Monitor reported that Iran navigated a CIA unmanned aerial vehicle safely down to the ground by manipulating the aircraft’s GPS coordinates.

The 2011 study, co-authored by Nils Ole Tippenhauer of ETH Zurich and other ETH and University of California academics, was titled “The Requirements for Successful GPS Spoofing Attacks.” The scholars detailed how to mimic GPS signals to fool GPS receivers that aid navigation.

“It’s a PDF file… essentially, a blueprint for hackers,” Peshin said.

[…]
http://www.nextgov.com/cybersecurity/2015/03/pentagon-personnel-are-talking-nsa-proof-smartphones/108820/

By Aliya Sternstein
Nextgov.com
March 30, 2015

The Defense Department has rolled out supersecret smartphones for work and maybe play, made by anti-government-surveillance firm Silent Circle, according to company officials.

Silent Circle, founded by a former Navy Seal and the inventor of privacy-minded PGP encryption, is known for decrying federal efforts to bug smartphones. And for its spy-resistant “blackphone.”

Apparently, troops don’t like busybodies either. As part of limited trials, U.S. military personnel are using the device, encrypted with secret code down to its hardware, to communicate “for both unclassified and classified” work, Silent Circle chairman Mike Janke told Nextgov.

In 2012, Janke, who served in the Navy’s elite special operations force, and Phil Zimmermann, creator of Pretty Good Privacy (PGP, in short), started Silent Circle as a California-based secure communications firm. The company is no longer based in the United States, ostensibly to deter U.S. law enforcement from seeking access to user records.

[…]
http://www.networkworld.com/article/2902506/security0/cash-it-security-threaten-nasa-deep-space-network-operation.html

By Michael Cooney
Layer 8
Network World
March 26, 2015

Money needed for upgrades to older equipment and IT security issues continue to drag on NASA, according to a report issued this week by the space agency’s Office of Inspector General.

The report focuses on NASA’s Deep Space Network, which through a variety of antennas and transmitters at communications complexes in three locations (Goldstone, California; Madrid, Spain; and Canberra, Australia) provides space missions with the tracking, telemetry, and command services required to control and maintain spacecraft and transmit science data. NASA’s international partners also use the Deep Space Net.

From the OIG report: “Much of DSN’s hardware is more than 30 years old, costly to maintain, and requires modernization and expansion to ensure continued service for existing and planned missions. Although DSN is meeting its current operational commitments, budget reductions have challenged the Network’s ability to maintain these performance levels and threaten its future reliability. Specifically, in FY 2009 the Network implemented a plan to achieve $226.9 million in savings over 10 years and use most of that savings to build new antennas and transmitters. However, in FY 2013 the NASA’s Space Communications and Navigation (SCaN) Program cut the Network’s budget by $101.3 million, causing DSN to delay upgrades, close antennas, and cancel or re-plan tasks.

[…]