Items Tagged with "breach"
February 23, 2012 Added by:Headlines
"A surprising amount of the core code originates from... 10 years ago with only a few added changes, mainly to accommodate changes in Windows versions. Many individual .exe or other files include an accompanying Word document with a detailed developer description of how it functions.."
February 16, 2012 Added by:Suzanne Widup
Much is being published about how inappropriate the response to the Nortel incident was, but it demonstrates an important point for companies - how do you know when you’ve done enough? How do you tell when an incident is over, and you should go back to business as usual?
February 15, 2012 Added by:Pierluigi Paganini
The damage is incalculable if we consider the enormous amount of data that may have been lost. Information on technological solutions, business reports, and other sensitive documents were stolen for years, seriously compromising the intellectual property of the company...
February 13, 2012 Added by:Pierluigi Paganini
The login credentials were stored in plain text in the repository that had been exposed, and that is absurd. This is a failure of the basic security procedures that should be recognized internationally, and is an offense for which there should be heavy penalties...
February 13, 2012 Added by:Headlines
A hacker who goes by the handles "WeedGrower" and "X-pOSed" claims to have breached tech giant Intel and to have gained access to an Intel.com subscriber database that contains sensitive information including passwords, social security and credit card numbers...
February 11, 2012 Added by:Fergal Glynn
As security professionals do we all just suffer from “security tunnel vision” or is something major shifting in our industry? Is it all just related to the significant rise in hacktivism or the 24-hour news cycle requiring that every little thing become a news story?
February 10, 2012 Added by:Kevin McAleavey
The Symantec leak could pose a risk to RSA's SecurID. Examination of the source code for PCAnywhere turned up something disturbing - numerous header files and several libraries belonging to RSA, and SecurID code is part of the exposed PCAnywhere product source code...
February 08, 2012 Added by:Cyber Defense Weekly
"Us law firms have been penetrated both here and abroad. Firms with offices in China and Russia are particularly vulnerable, because the foreign security services are likely to own the people who handle the the firms' physical and electronic security..."
February 08, 2012 Added by:Infosec Island Admin
Everyone is all over the fact that the Symantec code had been hacked back in 2006 right? I have not seen anything about the real elephant in the room. Where has the code been lo’ these many years? Who had it? Who hacked Symantec in the first place? Anyone? Anyone? Bueller?
February 07, 2012 Added by:Anthony M. Freed
"The e-mail string posted by YamaTough was actually between them and... law enforcement. YamaTough actually reached out to us, first, saying that if we provided them with money, they would not post any more source code. At that point... it was a clear cut case of extortion..."
February 06, 2012 Added by:Anthony M. Freed
Anonymous-aligned hacker YamaTough, the spokesperson for the hacktivist group “The Lords of Dharmaraja”, falsely accused Symantec of attempting to bribe the group in order to prevent the release of source code for the company's PCanywhere product, among others...
February 03, 2012 Added by:Pierluigi Paganini
The impairment of these mechanisms could lead to the redirection of traffic to bogus sites with serious consequences - and not just that - the compromise of the Digital Certificate model itself raises the risk for the interception of emails and confidential documents...
February 03, 2012 Added by:Robert Siciliano
Recently UCLA announced 16,000 patients were potential victims of identity theft because a doctor’s home office was broken into and data stolen. Data breaches cost big bucks. Encryption in this scenario failed due to a password on a sticky note near the laptop...
February 03, 2012
"The conversation covers tracking of Anonymous and other splinter groups, dates of planned arrests and details of evidence held by police. Anonymous also published an email from the FBI, showing the email addresses of call participants. The FBI confirmed the intercept..."
February 01, 2012 Added by:Jeffrey Carr
As the world's largest vendor of security software, the breach puts all of its corporate and government customers at risk, because if Symantec didn't know the extent of its breach back then, how do Symantec's customers know that their current product line is safe to use?