security

CEO says hackers tried to extort data, money

Karim Hijazi knew his nightmare was just beginning when he saw that a mysterious e-mail had arrived in his inbox at 3 a.m. on May 26 that included his e-mail password and the subject line "Let us talk." Click Here to read more.

Epsilon a victim of spear-phishing attack

The massive data breach at Epsilon may have been caused by a targeted spear-phishing campaign that the company should have known about for at least 4 months. According to sources, Epsilon and Atlanta-based Silverpop, another email service provider, were both victims of a series of social engineering attacks directed specifically against email service providers. Click Here to read more.

RSA hackers exploited Flash zero-day bug

Last month’s hack of RSA Security began with an exploit of a then unpatched vulnerability in Adobe Flash Player. According to RSA, the attackers gained access to its network by sending two small groups of employees e-mail attachments. Click Here to read more.

Failure to encrypt portable devices inexcusable, say analysts

The continuing failure by most enterprises to encrypt sensitive data stored on laptops and other mobile devices is inexcusable, analysts said. BP disclosed this week that data was compromised regarding a lost laptop. The computer contained unencrypted personal data such as names, Social Security numbers, etc belonging to 13,000 individuals. Click Here to read more.

McAfee to buy database security vendor Sentrigo

McAfee has agreed to buy database security vender Sentrigo. This means that the McAfee product line would now have a monitoring database for detecting and patching security flaws in enterprise databases. Click Here to read more.

Did hackers nab RSA SecurID's secret sauce?

RSA is scrambling to reaffirm that the strength of its SecurID technology is not diminished. There is no clear indication if RSA will be forced to change its SecurID as a result, but there is already some speculation that attackers gained some information about the "Secret Sauce" that RSA uses in its SecurID authentication. Click Here to read more.

RSA's SecurID Authentication was compromised

Information regarding RSA’s SecureID authentication products was stolen and businesses that use this technology should be aware. According to RSA, “our security systems identified an extremely sophisticated cyberattack in progress being mounted…Out investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Out investigation also revealed that the attack resulted in certain information being extracted from TSA’s systems and that some of that information is specifically related to RSA’s SecurID two-factor authentication products.” Click Here to read more.

Rustock Takes a Fall

A large network of hacked computers, called Rustock, has shutdown, perhaps as a result of another coordinated takedown by security experts. Rustock is responsible for a large amount of email as well as mobile spam. Rustock's inactivity started on Wednesday when analysts noted that its servers were offline. Click Here to read more.

VMware makes cloud jumping easy

VMware's vCloud Connector (VCC) is a free VMware appliance and vSphere plug-in that makes it easy to transfer VMware virtual machines between clouds. Before VCC, you had to export VM's to a temporary location, then import them into another cloud. With this application, the process is done in one pass, rather than two. Click Here to read more.

Corporate Data Breach

According to NetworkWorld.com, the cost of an average corporate data breach is approximately $7.2 million, up from $6.8 in 2009. The top 3 causes of data breach were negligence (41%), malicious or criminal attacks (31%), and system failure (25%). You can read more about this subject by clicking here.