Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Verizon 2014 Data Breach Report SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Verizon 2014 Data Breach Report

Verizon have released their 2014 Data Breach Report which is classified in 9 attack patterns, each have their own section grouped by industries. Their 60 pages reports provides some interesting statistics that are well illustrated, for example: servers are still the primary target because actors know that is where the data is likely to be. This isn't really a surprise that "They plainly show that attackers are getting better/faster at what they do at a higher rate than defenders are improving their trade."[3]

The report can be downloaded here.



Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu


499 Posts
ISC Handler
May 4th 2014
Interesting, a company that colludes with others to get data is writing about it? Hummm So who is monitoring the monitor? I will use the "onion" when visiting their site or other means to block their "widgets and beacons"

Quote:Debra Lewis, a Verizon Wireless spokeswoman, explained to me that when a customer registers on the company's "My Verizon" website to see a bill or watch TV online, a "cookie," or tracking software, is downloaded onto the customer's home computer.

Most cookies are benign, allowing websites to provide better service to frequent visitors.

Quote:Verizon Wireless' cookie allows a data-collection company working on Verizon's behalf — Lewis declined to name which one — to gather information on which sites you visit after you leave "My Verizon."

That information is "anonymized," Lewis said, to mask the Verizon customer's identity and is then shared with marketers, which can use the info to provide ads on the customer's Verizon Wireless device that match his or her home-computer interests.

52 Posts
It's cool that they reference the SANS Critical Security Controls! Page 50

88 Posts

Sign Up for Free or Log In to start participating in the conversation!