Fahmida Y. Rashid

RSA SecurID Breach Is a Lesson in APTs

While customers are understandably concerned about the security of their SecurID deployments, the RSA breach is a wake-up call about the recent increase in what security experts call APTs: advanced persistent threats. Attackers had successfully breached RSA’s networks and stolen information related to the company’s SecurID two-factor authentication technology, revealed Art Coviello, the executive […]

McAfee.com Full of Unfixed Security Vulnerabilities

Here is another for the “Security flaws can happen to anyone” files. Security researchers have found a number of Web site vulnerabilities on McAfee.com that can lead to cross-site scripting and other attacks. The flaws were found by the YGN Ethical Hacker Group and posted on the Full Disclosure mailing list on March 28. YGN […]

Corporate Espionage Easier and Lucrative as Companies Under-Report Breaches: Survey

Cyber-criminals are increasingly targeting intellectual property and trade secrets, according to a new research report from McAfee. Cyber-criminals are making money stealing trade secrets, marketing plans, research and development findings, and even source code, according to a report released March 28 by McAfee. As attacks on intellectual property increase, organizations are also less willing to […]

Comodo Hacker Exploited Insecure Passwords to Generate SSL Certs

An individual claiming responsibility for generating bogus SSL certificates for Google, Skype, Microsoft Live and Yahoo has identified himself, and surprise, it’s not the Iranian Cyber Army. The Comodo attack was not the act of an organized, state-sponsored organization, but a lone hacker interested in bringing down the SSL root certificate system, according to a […]

MySQL.com Hacked by SQL Injection Attack

It doesn’t get any more ironic than this. The Web site for Oracle’s open source database MySQL has been hacked…by a SQL injection attack. Oracle’s MySQL.com customer Web site was compromised on March 27 by hackers who publicly posted usernames, database schemas and passwords obtained during the attack. The vulnerable domains included www.mysql.com, www.mysql.fr, www.mysql.de, […]

Maine, Play.com, GSN Customers Hit by Third-Party Data Breach

Three recent data breaches at third-party Web service providers highlight the importance of organizations making sure customer data outside of the company is protected. Unlike the recent RSA breach or the malware-based attack on the European Commission, cyber-criminals stole information from tourists visiting Maine state parks and shoppers buying from Play.com by hitting third-party marketing […]

Apple iOS 4.3.1 Fixes Graphics Glitches, Mobile Connections

Apple released a minor security and maintenance update for its iOS devices a few days earlier than expected to fix mobile connections, graphics and Apple TV bugs. Apple’s iOS 4.3.1 update, issued March 25, included a handful of security and maintenance fixes for the iPhone, iPod Touch and iPad. The update comes as Apple prepares […]

Facebook Not Testing A Search Box

If you are seeing a new search box on the top of Facebook pages, the company thinks you may be infected by some kind of malware. Images of a Facebook page with two search boxes surfaced March 24 on AllFacebook.com, prompting speculation about the social networking giant’s potential foray into search. In the image, the […]

Spotify Music Service Hit by Malware-Tainted Advertisements

Malvertisements reared their ugly heads again, this time for a free ad-supported digital-music service. Spotify, a Luxembourg-based digital-music service, was hit by malware distributed through a third-party ad network, according to a March 25 report from Netcraft, an Internet services company based in Bath, England. Malicious advertisements being displayed on the free version of Spotify, […]

Facebook Traffic Diverted to China Raising Privacy Concerns

A number of Facebook users may have made a detour to China recently on their way to connect with friends. Some of the network traffic heading to Facebook’s servers in Palo Alto, Calif., was re-routed to first pass through Chinese and Korean servers, according to Barrett Lyon, a network security expert who flagged the incident […]