NSA Investigating Nasdaq Hack
Last month when we covered the attack on the Nasdaq's Directors Desk collaboration platform, we said the incident posed plenty of questions, while the Nasdaq proffered (at least publicly) few answers. It seems the National Security Agency agrees.
Lizamoon SQL Injection: Dead From The Get-Go
The latest round of headline-grabbing SQL injection attacks aren't new, and they aren't very effective; in fact, Lizamoon might as well be called the little injection that couldn't
Searching For Security's Yardstick
Despite rising threats, most security organizations still don't have clear metrics for measuring their performance -- or their enterprises' security posture
NASA Servers At High Risk Of Cyber Attack
Auditors were able to pull encryption keys, passwords, and user account information over the Internet from systems that help control spacecraft and process critical data.
(Slightly) More Organizations Proactively Managing Security Efforts
Security vendor survey at the RSA Conference 2011 shows more organizations planning and coordinating their security efforts across security and IT operations teams and risk management groups. But don't plan on a party and fireworks celebration just yet - the improvements are minor.
Do Not Track Momentum Mounts
Legislation to be proposed by Senator John Kerry and analysis of business comments to the FTC may point toward stronger privacy protections.
'Comodo Hacker' Says He Acted Alone
The plot thickens: In an effort to back up his claims, alleged hacker dumps apparent evidence of pilfered database from breached Comodo reseller, as well as Mozilla add-on site certificate
Collecting The SSD Garbage
Solid state storage (SSS) is the performance alternative to mechanical hard disk drives (HDD). Flash memory, thanks to its reduced cost compared to DRAM, has become the primary way SSS is delivered. Suppliers of flash systems, especially in the enterprise, have to overcome two flash deficiencies that, as we discussed in our last entry, will cause unpredictable performance and reduce reliability.
Microsoft Wins A Botnet Battle
The Rustock botnet was estimated to be one million PCs strong, underlining the dangers that malware can cause to businesses and consumers.
Understanding SSD Vendor Talk
If you are evaluating or getting ready to evaluate an investment in solid state storage for your data center, you are going to be faced with learning a new language and confronted with a new set of specs and a new set of debates around which features are most important. This will be the first entry in a series that will give you the decoder ring for understanding what Solid State Disk (SSD) vendors are talking about and which statistics are most important.
Are Industrial Control Systems The New Windows XP?
Earlier this week a security researcher posted nearly three dozen vulnerabilities in industrial control system software to a widely read security mailing list. The move has Supervisory Control and Data Acquisition (SCADA) system operators scrambling, and the US CERT issuing warnings.
DHS Outlines Cybersecurity Strategy
Automation, interoperability, and authentication are the building blocks for a secure network defense, says the Department of Homeland Security.
SCADA Attack Code Released For 35 Vulnerabilities
Systems from Siemens, Iconics, 7-Technologies, and DATAC have security holes in their supervisory control and data acquisition software, leading the Industrial Control Systems Cyber Emergency Response Team to issue security warnings.
Adobe Patches Critical Security Flaw
With attackers actively exploiting the bug to remotely execute code, Adobe recommends that all Flash, Reader, and Acrobat users upgrade immediately.