BreachExchange mailing list archives

News: Having "fun" with the data set


From: David Shettler <dave () opensecurityfoundation org>
Date: Fri, 25 Sep 2009 09:32:17 -0400

http://datalossdb.org/incident_highlights/37-having-fun-with-the-data-set

We recently had an inquiry regarding whether or not we could store
more details about certain breaches, specifically the type of Hack
(for hack related breaches) that was used, or the application that
ended up being breached. Neat ideas, of course, and we've considered
them ourselves on several occasions, given that we have OSVDB as our
sister project. We've always wanted to use both, or tie them together;
however, we run into some issues in doing so. One big one is that we
rarely know the cause of a given breach. That information is simply
not disclosed the vast majority of the time. Neither is the
application that was exploited; in fact, I can't recall a single
instance of a specific vendor's product being named in our data set
(but I suppose there might be a couple if I looked hard enough).

Adding new fields to the database is a fairly straightforward thing
to do, but we don't like to do it unless we can at least somewhat
consistently populate these fields. A visitor suggested Primary
Sources, so for fun, we searched them.

Querying for "sql injection" yields 21 primary sources results,
associated with roughly a dozen unique incidents, give or take. It was
more results than I thought we'd have, anyways. But more than
anything, it made me wonder what other interesting queries could be
made. So, I tried a few:

Querying for "search engine" or for "google" yielded some delightful
entries about stuff getting indexed.

Querying for "encryption key" had some interesting results where the
encryption key had been lost with the encrypted systems/media.

My personal favorite! Querying for "no reason to believe" showed just
how cliche that term is in data breach notification letters, returning
over 15% of all primary sources.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
