February 3rd, 2012
Best InfoSec risk intel this week: please read Imperva?s Business Logic Attack report. John Levine on the CircleID blog nailed it: ?World Notices That Verisign Said Three Months Ago That They Had a Security Breach Two Years Ago.? Verisign said: ?we do not believe that the operational integrity of the Domain Name System (DNS) was compromised.? Verisign also said, ?non-production corporate network,? and ?Information stored on the compromised corporate systems was exfiltrated.? That is what we know. Everything else is either generalizations about data breaches or is just conjecture; be very skeptical. A colleague-to-colleague appeal to Verisign: Contribute to the community and to our profession and provide us with enough details for mutual defense. If it was just another spear-phishing-delivered-PDF-Trojan, fine?but please say so. ?We don?t want your dirty laundry. We do all want to keep our own houses in order. ?Anonymous attacked four banks in Brazil. ?In Australia, criminals breached hoster Fairfax and domain trader Netfleet. And another round of attacks transforming WordPress into malware distribution platforms is underway.
Tags: INTSUM
Source: http://securityblog.verizonbusiness.com/2012/02/03/weekly-intelligence-summary-2012-02-03/
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.