computer security

#InformationSecurity News - iPhones Secretly Send Call History to Apple

Apple emerged as a guardian of user privacy this year after fighting FBI demands to help crack into San Bernardino shooter Syed Rizwan Farook’s iPhone. The company has gone to great lengths to secure customer data in recent years, by implementing better encryption for all phones and refusing to undermine that encryption.
But private information still escapes from Apple products under some circumstances. The latest involves the company’s online syncing service iCloud.
Russian digital forensics firm Elcomsoft has found that Apple’s mobile devices automatically send a user’s call history to the company’s servers if iCloud is enabled — but the data gets uploaded in many instances without user choice or notification.
“You only need to have iCloud itself enabled” for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft.

Read the full story at The Intercept:

#InformationSecurity News - 3/13/15

#InformationSecurity News - 1/27/15

  • Reporting HIPAA Breaches: A New Approach - The Department of Health and Human Services is taking steps to make the process of using online tools to report breaches more efficient, hoping that will help ease the launching of investigations. More at Healthcare Info Security
  • Sixty percent of organizations have increased their security spending by one-third -- but many security managers still don't think that's enough, Ponemon study finds. Details via InformationWeek DarkReading.  
  • The details of three high-severity vulnerabilities affecting Apple’s OS X operating system have been disclosed over the past two days by Google. The security holes were made public this week after the 90-day disclosure deadline given by Project Zero to vendors expired. Learn more at Security Week
  • As a result of President Obama's "Buy Secure" initiative, the federal government this month is kicking off its EMV rollout, which includes the issuance of chip-and-PIN cards for all federal employees and benefits programs. Read the story at Bank Info Security
  • According to the latest research by Trend Micro, a variant of Curve-Tor-Bitcoin (CTB) Locker ransomware – also known as Critroni – being distributed in a spam campaign now offers victims additional time to pay the ransom, but also requires them to pay a whole lot more than previously. Details via SC Magazine

#InformationSecurity News - 11/3/14

  • Bloomberg Businessweek on just how much cybersecurity should cost a small business a year. 
  • ‘Replay’ Attacks Spoof Chip Card Charges - read more at Krebs on Security
  • Report: Criminals use Shellshock against mail servers to build botnet - full details at CSO Online
  • Facebook, Yahoo Curb Identity Theft with New Email Ownership Header - keep reading at ThreatPost
  • Naked Security reports that "The US Senate has a few privacy-related questions it would like to ask the people in charge at Whisper, the self-proclaimed "safest place on the internet."

Upcoming: COCC Annual Client Conference & Partners Expo

WHAT: SMP to exhibit at the COCC Annual Client Conference & Partners Expo.

WHEN: Wednesday, June 11 & Thursday, June 12, 2014. 

WHERE: Hyatt Regency in Newport, Rhode Island

DETAILS: Security Management Partners will exhibit the latest IT security solutions at the the COCC Annual Client Conference & Partners Expo in Booth No. 42.