Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Target Breach: 10 Facts
Oldest First  |  Newest First  |  Threaded View
<<   <   Page 3 / 3
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
12/27/2013 | 6:27:50 PM
Re: Lets Try Some Facts.....
@virsingh: Chip and Pin/EMV technology has more than its fair share of security problems, too.

Laughably (unless you're someone affected by it), a big part of the problem with EMV for consumers is that when there is a breach, it is difficult for consumers to convince the banks because of the commonly held fallacy that "EMV is secure."
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
12/27/2013 | 6:33:50 PM
Re: When?
Theoretically, depending upon the particular situation, disclosing a data breach before knowing how the breach occurred and if it has been fully fixed yet potentially invites more attacks.  It can be a balancing act between doing the right thing by your affected customers and preventing further harm to additional customers.
virsingh211
virsingh211,
User Rank: Apprentice
12/30/2013 | 3:05:42 AM
Re: Lets Try Some Facts.....
I agree you Joe, but do you think any term like flawless technology exists. Even Cv2 was developed as a strong measure towards security but this target breach cracked this security.
<<   <   Page 3 / 3


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-46411
PUBLISHED: 2022-12-04
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges.
CVE-2022-46412
PUBLISHED: 2022-12-04
An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escape a restricted shell and execute privileged commands.
CVE-2022-46413
PUBLISHED: 2022-12-04
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal.
CVE-2022-46414
PUBLISHED: 2022-12-04
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal.
CVE-2022-44721
PUBLISHED: 2022-12-04
CrowdStrike Falcon 6.44.15806 allows an administrative attacker to uninstall Falcon Sensor, bypassing the intended protection mechanism in which uninstallation requires possessing a one-time token. (The sensor is managed at the kernel level.)