Archive for June 2011
20 Jun 2011
Shawn Mitchell writes: If you’ve ever tracked a growing number of assets with a spreadsheet, you’re familiar with the chaos. Efficient business operation and gaining a competitive advantage are both hindered when your asset tracking is out of control. As assets become more involved with an organization’s processes, the impact of misplaced assets or off-track locations becomes more severe.Read blog post
17 Jun 2011
Amit Klein writes: We have uncovered a SpyEye configuration that targets users of two leading European airline travel Web sites: Air Berlin, the second largest airline in Germany (after Lufthansa) and AirPlus, the global provider of business travel services for companies. SpyEye exploits the user’s machine, not the websites, to carry out this fraud.Read blog post
Response quote from security intelligence specialist Q1 Labs to the denial of service attacks by Hacker group Lulz Security on the websites of CIA and US Senate.
16 Jun 2011
“In light of the weeks denial of service attack on the websites belonging to the CIA and the US Senate, UK public sector organisations are reminded of the critical importance of guarding their online perimeter,” said Tom Turner, senior vice president of marketing and channels for Q1 Labs.Read blog post
14 Jun 2011
SecurEnvoy co-founder Steve Watts discusses the fall-out from the RSA systems hack in March and offers some words of advice on how best to handle the consequences...
The high-profile hack of EMC's RSA division, which resulted in questions being raised about the security of the SecurID hardware authentication system, and the eventual replacement of some 40 million tokens - a process that started in June and is likely to continue for some months - is a game changer on several levels.Read blog post
09 Jun 2011
Amichai Shulman writes: “Today, Imperva released a report on search engine poisoning. Search Engine Poisoning attacks manipulate, or “poison”, search engines to display search results that contain references to malware-delivering websites. There are a multitude of methods to perform SEP: taking control of popular websites; using the search engines’ “sponsored” links to reference malicious sites; and injecting HTML code. Here’s a graphic explaining how it works:Read blog post