Infiltrate, Exfiltrate, and… Inject?

This is a blog about spying in the Internet era. While activists would have you believe that it’s all about online personas, there is still a lot of cloak-and-dagger, up-close-and-personal spying going on. When Edward Snowden dumped his files, many Western spy agencies had to pull back agents because their covers were blown. […]

Would Encryption Have Prevented The Target Hack?

Security professionals need to be performing the same kinds of risk analysis and business impact analysis that business continuity professionals have been doing for dozens of years. As part of that risk analysis you need to determine your most important information, its lifetime, and whether or not you are properly protecting it.

Is There a Target On My Back?

Target didn’t know they were hacked until they learned about it from a third-party forensics firm. How could Target not know that its own systems were hacked? You might be surprised how many companies have no clue…

What Does “Data Loss” Mean To You?

Protecting your data against loss means protecting it against a spectrum of risks. If you are worried about corruption or deletion of data, then you should be thinking about replication and backup. If you are worried about your data falling into the wrong hands, then you should be thinking about data encryption solutions along with access controls and separation of duties. Last but not least, if you are worried about regulatory compliance or eDiscovery, then you might also have a requirement to store your data in a provably read-only form.

Pick a Number, Win the Lotto – How Citibank was Hacked

Hackers discovered that by changing a string of numbers at the end of the Citi Account Online URL, they could break into any account and steal names, account numbers, and email addresses. How could this happen, and is your company in the same situation?

What Can We Learn From the RSA Hack?

The security professionals who work for RSA are some of the best in the business. If they’re so good and RSA still got hacked, what does that portend for your organization?

“The Most Significant Breach Of U.S. Military Computers Ever”

… was caused by a malware-loaded USB flash drive. Plugging the cigarette-lighter-sized flash drive into an American military laptop at a base in the Middle East amounted to “a digital beachhead, from which data could be transferred to servers under foreign control,” according to William J. Lynn 3d, deputy secretary of defense. Many security experts […]

SCADA Systems Under Attack

New malware spread on USB flash drives targets the default password on Siemens’ Simatic WinCC software to break in.