Threat Level: green Handler on Duty: Didier Stevens

SANS ISC Diaries by Keyword


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
DateAuthorTitle

ARRA HIPAA BREACH TLS

2009-05-09Patrick NolanUnusable, Unreadable, or Indecipherable? No Breach reporting required

ARRA

2009-06-06/a>Patrick NolanARRA/HIPAA Breach Reporting Dates Approaching
2009-05-09/a>Patrick NolanUnusable, Unreadable, or Indecipherable? No Breach reporting required

HIPAA

2012-05-31/a>Johannes UllrichSCADA@Home: Your health is no secret no more!
2009-06-06/a>Patrick NolanARRA/HIPAA Breach Reporting Dates Approaching
2009-05-09/a>Patrick NolanUnusable, Unreadable, or Indecipherable? No Breach reporting required

BREACH

2015-04-08/a>Tom WebbIs it a breach or not?
2015-03-21/a>Russell EubanksHave you seen my personal information? It has been lost. Again.
2014-12-01/a>Guy BruneauDo you have a Data Breach Response Plan?
2014-08-23/a>Guy BruneauNSS Labs Cyber Resilience Report
2014-06-13/a>Richard PorterA welcomed response, PF Chang's
2013-12-21/a>Daniel WesemannAdobe phishing underway
2013-10-05/a>Richard PorterAdobe Breach Notification, Notifications?
2013-10-04/a>Johannes UllrichThe Adobe Breach FAQ
2013-07-22/a>Johannes UllrichApple Developer Site Breach
2013-07-21/a>Guy BruneauUbuntu Forums Security Breach
2013-02-22/a>Johannes UllrichZendesk breach affects Tumblr/Pinterest/Twitter
2013-01-04/a>Daniel WesemannBlue for Reset?
2012-11-22/a>Kevin ListonGreek National Arrested on Suspicion of Theft of 9M Records on Fellow Greeks
2012-07-16/a>Jim ClausingAn analysis of the Yahoo! passwords
2012-06-06/a>Jim ClausingPotential leak of 6.5+ million LinkedIn password hashes
2012-01-16/a>Kevin ShorttZappos Breached
2011-09-15/a>Swa FrantzenDigiNotar looses their accreditation for qualified certificates
2011-09-07/a>Lenny ZeltserGlobalSign Temporarily Stops Issuing Certificates to Investigate a Potential Breach
2011-09-06/a>Swa FrantzenDigiNotar audit - intermediate report available
2011-09-01/a>Swa FrantzenDigiNotar breach - the story so far
2011-06-21/a>Chris MohanStartSSL, a web authentication authority, suspend services after a security breach
2011-05-30/a>Johannes UllrichLockheed Martin and RSA Tokens
2011-05-25/a>Lenny ZeltserMonitoring Social Media for Security References to Your Organization
2011-04-28/a>Chris MohanDSL Reports advise 9,000 accounts were compromised
2011-04-20/a>Daniel WesemannData Breach Investigations Report published by Verizon
2011-04-04/a>Mark HofmanWhen your service provider has a breach
2011-03-25/a>Rob VandenBrinkThe Recent RSA Breach - Imagining the Worst Case, And Why it Isn't Time to Panic (Yet)
2010-12-28/a>John BambenekMozilla Notifies of Relatively Minor Security Breach
2010-07-29/a>Rob VandenBrinkThe 2010 Verizon Data Breach Report is Out
2010-06-10/a>Deborah HaleiPad Owners Exposed
2010-04-13/a>Johannes UllrichApache.org Bugtracker Breach
2009-07-28/a>Adrien de BeaupreYYAMCCBA
2009-07-23/a>John BambenekMissouri Passes Breach Notification Law: Gap Still Exists for Banking Account Information
2009-06-06/a>Patrick NolanARRA/HIPAA Breach Reporting Dates Approaching
2009-05-09/a>Patrick NolanUnusable, Unreadable, or Indecipherable? No Breach reporting required
2009-05-05/a>Bojan ZdrnjaHealth database breached
2009-04-24/a>John BambenekData Leak Prevention: Proactive Security Requirements of Breach Notification Laws
2009-04-15/a>Marcus Sachs2009 Data Breach Investigation Report
2009-02-08/a>Mari NicholsAre we becoming desensitized to data breaches?
2009-01-30/a>Mark HofmanWe all "Love" USB drives

TLS

2015-05-20/a>Brad DuncanLogjam - vulnerabilities in Diffie-Hellman key exchange affect browsers and servers using TLS
2015-02-11/a>Johannes UllrichDid PCI Just Kill E-Commerce By Saying SSL is Not Sufficient For Payment Info ? (spoiler: TLS!=SSL)
2014-08-11/a>Bojan ZdrnjaVerifying preferred SSL/TLS ciphers with Nmap
2014-06-12/a>Johannes UllrichMetasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.)
2014-03-04/a>Daniel WesemannTriple Handshake Cookie Cutter
2011-09-22/a>Rob VandenBrinkTLS 1.2 - Look before you Leap !
2011-09-20/a>Kevin ListonSSL/TLS Vulnerability Details to be Released Friday
2011-07-10/a>Raul SilesSecurity Testing SSL/TLS (HTTPS) Implementations
2010-07-23/a>Mark HofmanA bit old, however CISCO has updated the November 2009 TLS renegotiation vulnerability with additional vulnerable products and patch information. More details here http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml
2010-04-25/a>Raul SilesManual Verification of SSL/TLS Certificate Trust Chains using Openssl
2010-02-10/a>Marcus SachsVulnerability in TLS/SSL Could Allow Spoofing
2009-11-13/a>Adrien de BeaupreTLS & SSLv3 renegotiation vulnerability explained
2009-11-06/a>Andre LudwigNew version of OpenSSL released - OpenSSL 0.9.8l
2009-11-05/a>Swa FrantzenTLS Man-in-the-middle on renegotiation vulnerability made public
2009-10-16/a>Adrien de BeaupreCyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener
2009-05-09/a>Patrick NolanUnusable, Unreadable, or Indecipherable? No Breach reporting required