Retail

Third Party Vendor Source of Breach at Home Depot

Add Home Depot to the list of companies who have been victimized as a result of a third party contractor or supplier. The home improvement giant said in a statement on Thursday that the criminals that attacked the company’s network first gained access to the “perimeter” of Home Depot’s network. Target, the box store retailer, sketched out a similar scenario to describe the breach that resulted in the theft of 70 million credit cards numbers from its customers. In that case, a company that serviced HVAC systems in Target’s headquarters was reported as the source of the breach. Home Depot said that attackers were able to move within its network by elevating their level of network access and install what Home Depot described as “unique, custom-built malware” on self-checkout systems in the U.S. and Canada. The revelations about the circumstances of the breach came on a day when Home Depot […]

Continue Reading

Is IoT Innovation Outpacing Our Ability To Keep It Safe?

GigaOm has an interesting, high-level piece that looks at the issue of law, liability and the Internet of Things. The article takes off from a discussion at the Download event in New York City earlier this month, wondering whether adoption of Internet of Things technologies like wearables is starting to run far ahead of society’s ability to manage them.   Specifically: is the pace of technology innovation outstripping the ability of our legal system to reign in excess and protect public safety and civil liberties? On the list of ‘what-if’s’ are some familiar questions: How to assign liability. (“If one of Google’s automated cars crashes, is it the fault of the driver or Google?”) Read more Security Ledger coverage of Internet of Things here.  What responsibility to users have to take advantage of safety features in connected products? (Does a parent’s failure to password-protect a baby monitor change the manufacturer’s liability when and […]

Continue Reading

AllSeen Alliance Announces Smart Lighting Framework

Smart lightbulbs aren’t anything new. In fact, products like the Philips Hue bulb have been in the market for years. The devices, which typically couple a standard incandescent or CF bulb with a wireless transmitter, allow lights to be managed via mobile device and also respond to environmental changes monitored by other sensors. But – as with much of the Internet of Things – each family of smart bulbs is something of an island: interacting- and communicating mostly with other smart home products from the same manufacturer. That’s good for the lightbulb maker, but bad for smart home advocates, see out-of-the box connectivity across product silos as a precursor to broad adoption of smart home technologies.   It’s also been the case that the products that have been released have often fallen short in areas like security. In August, 2013, security researcher Nitesh Dhanjani disclosed a proof of concept hack […]

Continue Reading

New York City Phone Booths Add Beacons, Stoke Controversy

The web site Buzzfeed has a scoop today about a stealthy deployment of beacon technology in Manhattan that has some privacy experts concerned. According to the exclusive report, by Buzzfeed’s Joseph Bernstein and Jeremy Singer-Vine, Titan a media company that sells ad space in more than 5,000 phone kiosk panels in New York City’s five boroughs, has installed about 500 beacons on its ad panels. The company went forward with the deployment with the blessing of New York City’s Department of Information Technology and Telecommunications (DoITT), but without any public input, Buzzfeed reported. Beacons are wireless devices that interact with mobile phones and other portable electronics. They’re used to provide location-specific data and interactions, such as advertisements linked to nearby businesses or to track the movements of an individual within a defined space (such as a show floor). In the case of the phone booth beacons, Titan and Sbordone, the company that provides the display […]

Continue Reading

Report: Home Depot Fallout Reveals History of Lax Security, Hiring

Its a truism in cyber security that behind every great hack often lies a string of bad decisions and missed opportunities. Its also true that when you dig into the details of damaging cyber incidents, the root causes are personal and psychological as often as they are technical in nature. Organizations -even sophisticated and wealthy organizations – end up making bad decisions for all the wrong reason: failing to properly assess their risk, or pursuing short term savings when long term investment is needed. Home Depot learned via law enforcement that a breach of transaction data exposed as many as 52 million credit card transactions, the largest retail credit card breach to date. But as more comes out about the breach at home improvement giant Home Depot, it starts to look a lot more like the root causes there may have started in the HR department rather than the data center. The […]

Continue Reading
1 4 5 6 7 8 15