Lost Business

March 24, 2011

A new study from the Ponemon Institute indicates that nearly half the cost of a data breach is due to lost business, both from current customers and increased cost to acquire new customers. A failure to protect customer data is seen as a major breach of trust from which many companies have trouble recovering.


RSA Hacked

March 18, 2011

It appears that RSA – yes, that RSA, the demigods of security – has been hacked.

An APT-style intrusion was used to exfiltrate information related to their SecurID two-factor authentication products. RSA does not believe the stolen data allows a direct attack on SecurID, but it concedes that it could make an attack on a SecurID deployment easier as part of a broader campaign. Details are being provided to SecurID customers.


Applications Pulled from Android Market

March 2, 2011

Google has just removed 21 malicious applications from the Android Market. All of them were pirated copies of other developers' software, repackaged with malware intended to compromise the handset they were installed on. Despite Google's quick action, 50,000 copies had already been downloaded.


Rain Clouds

February 28, 2011

It appears that around half a million Gmail accounts went offline yesterday. Worse yet, some users found the contents of their Google Apps accounts gone even after the accounts became available again.

If you’re storing critical data “in the cloud”, scenarios like this are why a local backup is so critical.


Back to Basics

February 24, 2011

An article on Threatpost makes a compelling point: despite the amount of press lavished upon attacks like Stuxnet or Aurora, most companies don't need to worry about the latest and greatest targeted attacks. They need to worry about the basics: SQL injection, phishing, social engineering, and other "boring" threats.

For the vast majority of companies, especially ones outside of the Fortune 100, there is simply no present threat from something like Aurora. Complex, expensive security infrastructures aren’t what you need. You need properly hardened servers, trained employees, and developers who know how to write secure application code.
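As an illustration of one of those "boring" basics, the following is an added example (not code from the original post or from the Threatpost article): a lookup that builds its SQL by string formatting, beside the same lookup using bound parameters. The table and its rows are constructed sample data.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory user table (sample data, not a real site)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, is_admin INTEGER)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", 1), ("bob", 0)],
    )
    return conn


def lookup_vulnerable(conn, username):
    """Classic injectable query: the caller's string becomes part of the SQL grammar."""
    sql = "SELECT username FROM users WHERE username = '%s'" % username
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, username):
    """Same query with a placeholder: the driver binds the value as data only."""
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


if __name__ == "__main__":
    db = make_db()
    # A textbook payload that turns the WHERE clause into a tautology.
    payload = "x' OR '1'='1"
    print("vulnerable:    ", lookup_vulnerable(db, payload))     # every user comes back
    print("parameterized: ", lookup_parameterized(db, payload))  # no such user
```

The parameterized version needs no escaping logic of its own; the fix is structural, which is exactly why it belongs in the "basics" rather than in an expensive appliance.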


Terrorism Snake Oil

February 22, 2011

Dennis Montgomery, a programmer from California, was the principal software engineer for at least two companies that appear to have defrauded the US government. His software, originally designed for colorizing movies, failed to generate any interest. At least, until he started claiming that its image-processing capabilities could find secret terrorist messages in Al Jazeera broadcasts and isolate images of evildoers in Predator drone videos.

Security is, unfortunately, a hot item these days – there’s a lot of money being thrown around, and that means a lot of snake oil salesmen trying to get their hands on a bit of it. Millions of dollars later, I’m sure that the feds wish they had done their due diligence. Their response has been to lock down the story in the interests of “national security” – more likely, they’re just hoping the story quietly dies and spares them some embarrassment.


Cybersecurity Budget

February 15, 2011

In a fairly austere budget year, the Obama administration is pushing for a significant increase in cybersecurity research funding at the federal level. This is a clear response to the complete inability of some government agencies to control data exfiltration (see: WikiLeaks), as well as to the threat to SCADA and other control systems demonstrated by Stuxnet.


HBGary Breach

February 7, 2011

According to several sources, including this article at eWeek, security firm HBGary Federal is paying the price for taunting the hacktivist group Anonymous. A few days ago, HBGary claimed to have uncovered information about the leadership structure and identities of Anonymous. In retaliation, the group compromised the HBGary network, posted internal emails, and generally caused havoc.

(Update: Apparently, the root of the compromise was a social engineering attack. Someone believed they were sending the credentials for a host behind the firewall to a legitimate user; they were mistaken. The idea that a "security" firm would send account details in unencrypted email in response to an unvalidated, unsigned message boggles my mind.)


Poor Response

February 1, 2011

If someone set out to write a textbook on how NOT to respond to a security incident, the recent breach at PlentyOfFish.com could serve as a template. Lenny Zeltser explains why at the Internet Storm Center.

(In addition to Lenny’s excellent points, Brian Krebs points out that storing user passwords in plaintext is also a pretty stupid thing to do. What is this, a WWIV BBS in 1994?)
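For contrast with the plaintext storage described above, here is an added example (not code from the original post, from PlentyOfFish, or from Krebs' article) of the minimum a site should do instead: a per-user random salt, an iterated hash (PBKDF2-HMAC-SHA256 from the Python standard library), and a constant-time comparison on login. The dictionary standing in for the user table, the record format and the iteration count are assumptions for the example.

```python
import base64
import hashlib
import hmac
import os

# Assumed work factor for the example; raise it as hardware improves.
ITERATIONS = 200_000


def store_plaintext(table, username, password):
    """The anti-pattern: a leaked table hands every password to the attacker."""
    table[username] = password


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return a self-describing record: algorithm$iterations$salt$digest (assumed format)."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per user defeats precomputed tables
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    )


def store_hashed(table, username, password):
    """What the site should keep: only the salted, iterated hash."""
    table[username] = hash_password(password)


def verify_password(record, candidate):
    """Recompute the digest with the stored salt and iterations; compare in constant time."""
    algo, iterations, salt_b64, digest_b64 = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError("unsupported record format")
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(digest_b64)
    actual = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"), salt, int(iterations))
    return hmac.compare_digest(actual, expected)


def login(table, username, candidate):
    """Authenticate against the hashed table; unknown users fail the same way as bad passwords."""
    record = table.get(username)
    return record is not None and verify_password(record, candidate)


if __name__ == "__main__":
    # Constructed sample users; "hunter2" is the obligatory joke password.
    bad_table, good_table = {}, {}
    store_plaintext(bad_table, "bob", "hunter2")
    store_hashed(good_table, "bob", "hunter2")
    print("leaked plaintext table:", bad_table)   # password visible
    print("leaked hashed table:   ", good_table)  # salt and digest only
    print("login ok:", login(good_table, "bob", "hunter2"))
    print("login bad:", login(good_table, "bob", "hunter3"))
```

Because the record carries its own salt and iteration count, the site can raise the work factor later and rehash users on their next successful login; nothing in a breach of the table yields a password without a per-user brute-force effort.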


Sourceforge Attack

January 27, 2011

Sourceforge.net, a hosting service for open source projects, has suffered a serious security breach. They are currently working to identify the source of the exploit and ensure the integrity of the remaining data in their environment. Some services, notably CVS, are still down as of this writing.