Week in review: HBGary breach, corporate espionage and 2-step authentication by Google

Here’s an overview of some of last week’s most interesting news and articles:

Hackers compromised Nasdaq’s network
Hackers continue to breach systems of vital importance to the US, and the latest one to be compromised is the one belonging to the company that operates the Nasdaq Stock Market.

IT certifications grow in importance
Employers are inclined to rely more heavily on professional certifications when hiring IT workers, but are challenged by credential evaluation and validation issues.

USB autorun attacks against Linux
Many people think that Linux is immune to the type of Autorun attacks that have plagued Windows systems with malware over the years. However, there have been many advances in the usability of Linux as a desktop OS – including the addition of features that can allow Autorun attacks.

Zeus Trojan targets UK government
During his speech at the Munich Security Conference on Friday, UK’s foreign secretary William Hague revealed that the UK government has been targeted with a e-mail campaign containing the well-known information-stealing Zeus Trojan.

Stalker targets Zuckerberg through Facebook
Time has shown that Facebook has become another weapon in the stalker’s arsenal, and even the social network’s founder could not avoid being harassed.

Facebook survey scam toolkit lowers entry bar for scammers
If you have been wondering about the recent proliferation of survey scams on Facebook and thinking to yourself how is it possible that so many people to know how to develop these scammy applications, the answer is actually really simple.

1 in 3 EU Internet users infected by malware
The EU has been at the forefront in leveraging IT advancements. The region has a high Internet penetration rate and over two-thirds of the population uses Internet. However, as is the case with other regions, Internet security has assumed significance due to rising incidents of cybercrime.

List of top e-threats points to computer use trends
BitDefender issued its monthly top 10 list of e-threats, which offers some insight into security and computer use trends.

Unregulated mobile app markets are a godsend to malware developers
It’s basic economics – as the number of sold smartphones continues to rise worldwide, so will the number of threats targeting the users of these devices.

7 critical questions to ask before developing a social media policy
Social media disrupts the long-standing rules of business in many ways, but crafting a social media policy is premature unless the designers of the policy answer seven critical questions first.

400,000 e-mail addresses stolen in Irish job website breach
Names and e-mail addresses of some 400,000 job seekers have been harvested by hackers who have breached the RecruitIreland.com site and its systems.

iPhones and iPads reveal passwords regardless of passcode protection
After having bypassed the passcode using a modified jailbreaking technique and the installation of an SSH server on a device, software on the device can be used to access the encrypted keychain database.

HBGary breach revelations and repercussions
A few days ago, the Internet group Anonymous downed security firm HBGary’s website and breached its networks, downloading a serious amount of confidential information belonging to the enterprise and publishing some of it.

2-step authentication finally available to Google’s non-paying customers
Setting it up should be easy because Google has provided a user-friendly set-up wizard to guide the users through the process, which also includes setting up a backup phone and creating backup codes in case the user loses access to his primary phone.

Chinese hackers behind espionage attacks hitting Western oil firms?
Hackers have targeted five international oil companies and have extracted sensitive corporate information about oil- and gas-field operations, project financing and bidding, claims security firm McAfee in a recently released report.

Fake scanned documents lead to Zeus infection
A new spam e-mail campaign is currently underway, and takes the form of a document scanned and sent by a Xerox WorkCentre Pro scanner.

What Stuxnet means for the process industry
The Stuxnet and Aurora attacks have shown us that malware development has become a professional job. These threats targeting the process industry were written by highly intelligent developers, financed by huge investors, and possibly even by governments. Yet every time a new attack is discovered, experts are left wondering how the malware was developed so quickly.

OPIS

Subscribe to the Help Net Security breaking news e-mail alerts:

OPIS
More about

Don't miss