Blog Posts Tagged with "breach"
VMware Confirms Older Hypervisor Source Code Exposed
April 27, 2012 Added by:Headlines
"Our security team became aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe..."
Comments (0)
Nissan Confirms Cyber Attack and Network Breach
April 25, 2012 Added by:Headlines
"We have detected an intrusion into our company's global information systems network... we believe that our systems are secure and that no customer, employee or program data has been compromised. However, we believe that user IDs and hashed passwords were transmitted..."
Comments (0)
Four Steps to Follow when Your Credit Card is Compromised
April 23, 2012 Added by:Christopher Burgess
Certification of compliance demonstrates that at that given point of time the entity was in adherence to the PCI standards. The threat landscape is dynamic and ever changing requiring those entrusted with our data to take steps beyond compliance to protect that data...
Comments (0)
Update on the Visa - MasterCard - GPN Breach
April 03, 2012 Added by:Pierluigi Paganini
Global Payments' announced that Track 2 data was stolen, which is used by the bank. Track 1 data generally refers to the information reported on the front of a bank card. So if this information was stolen along with that contained in Track 2, it is possible to clone a card...
Comments (0)
Visa and MasterCard Alert Banks of Massive Processor Breach
March 30, 2012 Added by:Headlines
"Visa Inc. is aware of a potential data compromise incident at a third party entity... Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards..."
Comments (0)
Panda Security Suffers the Wrath of AntiSec
March 07, 2012 Added by:Kevin McAleavey
The defacement also show tremendous amounts of sensitive corporate information including internal accounts, passwords, server and cloud configurations, access information to the antivirus lab's Teamviewer as well as alternate means of accessing their internals via "logmein"...
Comments (2)
AntiSec, Stratfor, WikiLeaks, and Much Ado about Nothing
February 29, 2012 Added by:Scot Terban
Some of us out there know a little bit about how intelligence works. While the likes of WikiLeaks rail about how some are using money and perhaps even sex to sway their sources, the reality is that this game has always been played this way. Intelligence is a dirty business...
Comments (2)
Remote Attack Code for Symantec's pcAnywhere in the Wild
February 23, 2012 Added by:Headlines
"A surprising amount of the core code originates from... 10 years ago with only a few added changes, mainly to accommodate changes in Windows versions. Many individual .exe or other files include an accompanying Word document with a detailed developer description of how it functions.."
Comments (0)
Lessons from the Nortel Networks Breach
February 16, 2012 Added by:Suzanne Widup
Much is being published about how inappropriate the response to the Nortel incident was, but it demonstrates an important point for companies - how do you know when you’ve done enough? How do you tell when an incident is over, and you should go back to business as usual?
Comments (0)
Nortel: From Bankruptcy to Industrial Espionage Victim
February 15, 2012 Added by:Pierluigi Paganini
The damage is incalculable if we consider the enormous amount of data that may have been lost. Information on technological solutions, business reports, and other sensitive documents were stolen for years, seriously compromising the intellectual property of the company...
Comments (2)
KPN Hack: Why was Customer Notification Delayed?
February 13, 2012 Added by:Pierluigi Paganini
The login credentials were stored in plain text in the repository that had been exposed, and that is absurd. This is a failure of the basic security procedures that should be recognized internationally, and is an offense for which there should be heavy penalties...
Comments (0)
Hacker Boasts of Intel Corporation Network Breach
February 13, 2012 Added by:Headlines
A hacker who goes by the handles "WeedGrower" and "X-pOSed" claims to have breached tech giant Intel and to have gained access to an Intel.com subscriber database that contains sensitive information including passwords, social security and credit card numbers...
Comments (0)
Security Weekly News Roundup: Tunnel Vision
February 11, 2012 Added by:Fergal Glynn
As security professionals do we all just suffer from “security tunnel vision” or is something major shifting in our industry? Is it all just related to the significant rise in hacktivism or the 24-hour news cycle requiring that every little thing become a news story?
Comments (0)
Did the 2006 Symantec Breach Expose RSA's SecurID?
February 10, 2012 Added by:Kevin McAleavey
The Symantec leak could pose a risk to RSA's SecurID. Examination of the source code for PCAnywhere turned up something disturbing - numerous header files and several libraries belonging to RSA, and SecurID code is part of the exposed PCAnywhere product source code...
Comments (23)
Cyber Defense Weekly: Hacks, Breaches, and Disclosures
February 08, 2012 Added by:Cyber Defense Weekly
"Us law firms have been penetrated both here and abroad. Firms with offices in China and Russia are particularly vulnerable, because the foreign security services are likely to own the people who handle the the firms' physical and electronic security..."
Comments (0)
Symantec Source Code Leak: The Real Elephant in the Room
February 08, 2012 Added by:Scot Terban
Everyone is all over the fact that the Symantec code had been hacked back in 2006 right? I have not seen anything about the real elephant in the room. Where has the code been lo’ these many years? Who had it? Who hacked Symantec in the first place? Anyone? Anyone? Bueller?
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)