On September 13, Florida Attorney General Bill McCollum announced that Irving Escobar, the alleged leader of a Florida fraud ring that used stolen credit card information linked to the TJX data breach, was sentenced to five years in prison and must pay nearly $600,000 in restitution.
Posts Tagged ‘cybercrime’
PCI DSS and Identity Theft
Monday, July 23rd, 2007
Over the past month or so I’ve been discussing the Payment Card Industry (PCI) Data Security Standards (DSS) with some of my information assurance practitioner friends and colleagues and what they’ve been doing to meet the requirements and accompanying challenges. I was thinking about some of the issues over the weekend.
“Over 1 Million Computer Victims” Can Lead To Some Interesting, Awareness-Raising, Discussions
Tuesday, June 26th, 2007
Here’s a great conversation starter for a nice chat with your business leaders, “The FBI has found over 1 million computers are controlled by criminal botnets.”
Be prepared to answer some follow-up questions from your business leaders after telling them this, such as…
New Information Security and Cybercrime Initiatives Planned in the EU
Monday, June 4th, 2007
As cybercrime continues to occur in more varied ways, as more incidents are reported every day, as new threats emerge, and as more vulnerabilities are found within software and systems, often within those products that companies buy to improve security, more bills, plans, initiatives and laws emerge worldwide to address these issues.
Web Hackers Fined $15 Million by SEC
Sunday, June 3rd, 2007
I remember reading in an issue of 2600 The Hacker Quarterly magazine several years back about how easy it is to commit crime, without being noticed, by hacking poorly secured web sites.
Hacking is often viewed as a safe, almost anonymous, type of crime that is often very hard to pin upon one individual.
Insider Threat Example: Engineer Leaks U.S. Military Secrets
Friday, May 11th, 2007
There has been a lot of talk and blogging recently about whether or not there is a need for an information security industry/profession. Um sure, and there is no need for the physical security industry/profession either, is there?
As long as humans touch information in any way, electronically or physically, information security will be needed to provide them with policies, procedures, standards, guidance, training, and ongoing awareness, and to respond to and fix the security messes and privacy breaches they cause.
SMBs, Identity Theft & Insider Threat: Bad SMB Security Impacts Organizations of All Sizes
Wednesday, April 18th, 2007
There are many articles written about the insider threat, several have been done, and often the focus is on large organizations where those employees with malicious intent are often either in positions of trust way down in the org chart, or the perpetrator is the person at the helm of the organization.
How Good are the Security Practices for “America’s Most Admired Companies 2007”?
Tuesday, March 6th, 2007
Yesterday CNN reported the results of the FORTUNE 2007 survey of business people for the companies, in any industry, they admired most.
The rankings were based upon 8 key score areas: