Best Of Web Archive:


Around The Web

BANKINFOSECURITY.COM
Database Security Policies Needed
Unisphere Research Analyst Joe McKendrick and Thom VanHorn of Application Security discuss how the database has become the main target for hackers and negligent insiders

IHOTDESK
Hackers Claim Attack On Apple
Anonymous reportedly has posted Apple usernames and passwords, although the group claims to have posted customer data

PC WORLD
Oracle Hedging Its Vulnerability Reports?
AppSec attacks what it believes is Oracle's less-than-stellar record recently in shoring up its database products with timely patches and good information for customers mitigating vulnerabilities within their database deployments

MSNBC
'X Factor' Hopefuls Lost Personal Data In Hack
The personal information of 250,000 potential contestants of Simon Cowell's new show, X Factor, was exposed through a database hack

CHICAGO TRIBUNE
Victims' Accounts 'Plundered' In Michaels Data Breach In Chicago
The total damage is still unknown, but law enforcement has confirmed 16 known cases of fraud as a result of the attack against payment card scanners in craft stores

STAR TRIBUNE
Another E-Mail Breach For Best Buy
Best Buy this month reported another major e-mail database breach at the hands of an outsourced e-mail provider, closely following on the heels of the Epsilon incident. Company representatives did not disclose how big the breach was but indicated that it was unrelated to the Epsilon breach

YOUR NEWS NETWORK
Federal Class Action Lawsuit Over Data Leak
A database breach that exposed the personal details of three million State of Texas employees on a public server for over a year galvanized the victims to file a class-action lawsuit against State Comptroller Susan Combs

RETAIL INFO SYSTEMS NEWS
The Children's Place Hit with E-Mail Database Breach
Hackers struck CheetahMail, the e-mail service provider of retail outfitter The Children's Place, to loot the e-mail database of the 995-outlet chain and send its customers phishing e-mails that could collect data for further attacks

NETWORK WORLD
Data Breach Fines Can Risk More Harm Than Good, Experts Say
Some security experts wonder if the threat of compliance fines is unduly affecting security practices at firms, causing them to choose practices that will most easily satisfy auditors without really securing infrastructure such as databases

SC MAGAZINE
Barracuda Hack Highlights Importance Of Defense-In-Depth
A SQL injection attack that plagued security firm Barracuda Networks while its Web application firewall was down allowed hackers to plunder information about customers, partners, and employees and showed the importance of testing layers of security during scheduled maintenance windows

ZDNET
University In 'Serious' Data Breach; Publishes 17,000 Students' Data
A British university exposed the records of 17,000 students when it was discovered that anyone could access the database containing student records through the school's website without any authentication

IHEALTHBEAT
Office For Civil Rights Seeks Additional Funding For Data Breach Policing
The Department of Health and Human Services' Office for Civil Rights is requesting $5.6 million more in 2012 from lawmakers in order to enforce HIPAA regulations as they relate to data breaches

SECURITY MANAGEMENT
Data Breach Preparedness Plan
Companies need to prepare for the inevitability of a database breach with proactive incident response procedures and planning, all the way up to writing a customer letter in advance

THINQ
Pirate Bay User Accounts Hacked By Spammers
Pirate Bay was plagued with another email database break-in, as users report being flooded by spam since February

THE REGISTER
Interworx Admits Password Security FAIL Led To Attack On Users
Web-hosting control panel firm Interworx admitted that a hack of its support desk database exposed users' login credentials because it was storing email and password data in plain text

ITNEWS.COM.AU
US Security Expert Reveals Worm Compromise
University of Illinois at Urbana-Champaign professor Marianne Winslett says organizations need to do a better job with time stamps and integrity checks to prevent database tampering by crashing systems and using old backups

SEARCH SECURITY
Database Monitoring Best Practices: Using DAM Tools
Best practices in implementing database activity monitoring tools to better detect and prevent SQL injection attacks

INFOSECURITY.COM
Advances In Health Care IT Increase Data Breach Risks, Says Deloitte
Experts at Deloitte warn in a new report that as the health care industry hurtles toward more electronic health record adoption, it increases the already high risk of exposing patient data if it doesn't improve its security tactics

ORACLE
Oracle Critical Patch Update Advisory - October 2010
Oracle patches 85 new critical fixes across a range of its product suites, including database management systems.

INSURANCE DAILY
Chubb Launches Healthcare IT Liability Product
Insurance giant Chubb offers a product designed to offer insurance in case of a database breach in the healthcare environment.


Bugs
ENTERPRISE VULNERABILITIES
Vulnerability: ssl-vpn end-point interrogator/installer activex control
Published: 2010-11-03
Severity: High
Description: Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.

Vulnerability: gvim
Published: 2010-11-03
Severity: High
Description: Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.

Vulnerability: cforms
Published: 2010-11-03
Severity: Medium
Description: Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.

Vulnerability: links, wsn links, wsn links
Published: 2010-11-03
Severity: High
Description: Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.

Vulnerability: deluxebb
Published: 2010-11-03
Severity: Medium
Description: SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.


