security

Epsilon a victim of spear-phishing attack

The massive data breach at Epsilon may have been caused by a targeted spear-phishing campaign that the company should have known about for at least 4 months. According to sources, Epsilon and Atlanta-based Silverpop, another email service provider, were both victims of a series of social engineering attacks directed specifically against email service providers. Click Here to read more.

RSA hackers exploited Flash zero-day bug

Last month’s hack of RSA Security began with an exploit of a then unpatched vulnerability in Adobe Flash Player. According to RSA, the attackers gained access to its network by sending two small groups of employees e-mail attachments. Click Here to read more.

Failure to encrypt portable devices inexcusable, say analysts

The continuing failure by most enterprises to encrypt sensitive data stored on laptops and other mobile devices is inexcusable, analysts said. BP disclosed this week that data was compromised regarding a lost laptop. The computer contained unencrypted personal data such as names, Social Security numbers, etc belonging to 13,000 individuals. Click Here to read more.

Did hackers nab RSA SecurID's secret sauce?

RSA is scrambling to reaffirm that the strength of its SecurID technology is not diminished. There is no clear indication if RSA will be forced to change its SecurID as a result, but there is already some speculation that attackers gained some information about the "Secret Sauce" that RSA uses in its SecurID authentication. Click Here to read more.

RSA's SecurID Authentication was compromised

Information regarding RSA’s SecureID authentication products was stolen and businesses that use this technology should be aware. According to RSA, “our security systems identified an extremely sophisticated cyberattack in progress being mounted…Out investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Out investigation also revealed that the attack resulted in certain information being extracted from TSA’s systems and that some of that information is specifically related to RSA’s SecurID two-factor authentication products.” Click Here to read more.

Corporate Data Breach

According to NetworkWorld.com, the cost of an average corporate data breach is approximately $7.2 million, up from $6.8 in 2009. The top 3 causes of data breach were negligence (41%), malicious or criminal attacks (31%), and system failure (25%). You can read more about this subject by clicking here.