Fahmida Y. Rashid

NASA has a number of serious computer and network security issues that could have complicated missions and jeopardized lives, according to the latest audit report. In an internal audit report, titled “Inadequate Security Practices Expose Key NASA Network to Cyber Attack,” the Office of the Inspector General found critical vulnerabilities on six servers connected to […]

Less than two days after the EU Commission and its foreign-service arm came under fire, the European Parliament’s network came under cyber-attack. This is the third such incident on European governmental organizations in two months. The attack on the European Parliament’s computer network began March 24 and was in progress for at least five days, […]

Gulf Coast residents who’d filed claims against oil giant British Petroleum in the wake of last year’s oil spill have another thing to worry about: their private information has been lost and possibly exposed. A BP employee on a business trip misplaced a laptop containing private information of about 13,000 individuals, the oil company said […]

A government-backed Website for entrepreneurs directed users to a site hosting fake antivirus the day it launched. The site, Startup Britain, redirected Internet Explorer visitors to fake antirivus software hosted on a third-party site, Bankling.com, according to BBC News. Startup Britain launched on March 28. “There were some issues with a link on the website […]

Global spam volumes dropped by a third immediately after Microsoft and law-enforcement officials shut down Rustock earlier this month, but other botnets are filling the void. The volume of junk mail fell from around 52 billion daily emails to roughly 33 billion emails a week after the Rustock botnet ceased operations, according to the MessageLabs […]

The same hackers who exposed all the databases running on MySQL.com attacked Sun.com. The Rumanian hackers, “TinKode” and “Ne0h” compromised two Sun subdomains, including www.reman.sun.com and www.ibb.sun.com, according to a blog post on March 27. Using a SQL injection attack, TinKode was able to obtain table names, column names and email addresses stored in one […]

Attackers have launched a large-scale SQL injection attack that has compromised several thousand legitimate Websites, including a few catalog pages from Apple’s iTunes music store. Websense Security Labs and the Websense Threatseeker Network discovered the mass-injection campaign that compromised over 28,000 URLs, including several iTunes URLs, according to Patrik Runald, a senior manager of security […]

The Iranian hacker who managed to trick Comodo into issuing nine fraudulent certificates appears to have compromised two more registration authority (RA) accounts, raising questions about exactly what is going on at the certificate authority. “Two further RA accounts have since been compromised,” wrote Robin Alden, CTO of Comodo Security, on the mozilla.dev.security.policy mailing list […]

Social networking sites can do so much more to protect their users from malware and social engineering attacks. A recent research study suggests users have to shoulder some of the responsibility, too. A majority of users are unaware that posts on Facebook could pose a security risk and those who were aware did not warn […]

One company’s misery is another’s opportunity. CA Technologies is reaching out to jittery RSA customers with a trade-in deal: SecurID tokens for CA ArcotID secure software licenses. Ever since RSA Security’s executive chairman Art Coviello disclosed on March 17 that attackers had successfully breached the companys networks and stolen information related to the company’s SecurID […]