The following article in eWeek Magazine, “Worm Squirms Through Google’s Orkut,” outlines how Google’s Orkut has a fast-moving worm working its way through the popular social networking service.
“The worm, which first appeared on Dec. 19, has been spreading through Orkut’s Scrapbook system at a rapid pace, infecting more than 650,000 users in the space of a few hours.”
Don’t believe me? Just ask TJX or Monster.com or The Department of Homeland Security or Salesforce or TD Ameritrade or… Still don’t believe me? Well, check out what Sal Iannuzzi, CEO of Monster.com, had to say (he agrees with me):
“I wish I could say…there will be absolutely no way that the Monster site can be compromised. I cannot ever make that promise, and no Internet company can.” 08/29/07, Reuters
If you still don’t believe me then feel free to move on. If you do, then read on.
Let’s reflect back on the past 12 months to perform that so-called “rocking chair test.” It certainly was a busy year! In fact, the Threats Watch Blog even went as far as to call 2007 “The Year of the Data Breaches.” Additionally, CSO magazine has an excellent summation of the past year in their article “The Top 10 Data Breaches of 2007.”
So, what can we learn from this past year? Three things:
- Breaches are Inevitable.
- Organizations can no longer rely solely on Protection (firewalls, IPS, etc.) and Detection (IDS, event correlation, alerting) for security.
- Organizations must have a comprehensive breach recovery plan in place.
As you may have read in “About BreachBytes,” over the past 6 months we have been posting links to articles on the Packet Analytics web site that have to do, in one way or another, with breaches and incident response. Since we have converted BreachBytes from a list of links on our web site to a full blog, I thought we should post the links on the BreachBytes Blog.
SourceForge hacked, but not to worry(?)
“We played a game of cat and mouse with a “security enthusiast” from Europe yesterday. :)” 12/8/2007
DOE Lab Hacked
Oak Ridge National Laboratory, a U.S. Department of Energy facility, said on Thursday that its computer network had been compromised by a spear-phishing attack. 12/7/2007
Oak Ridge National Laboratory admitted that they had suffered a breach on October 29th, 2007. Luckily, it appears from this Information Week article that no classified information was compromised. This breach underscores the fact that breaches are inevitable and that all organizations, whether they are government, non-profit or for-profit, must have a comprehensive response and recovery plan.
There are so many situations, reports and news articles where vague statements are used, such as the one in the Information Week article: “ORNL said that no classified information was lost but that the personal information of visitors may have been stolen.” “…may have been stolen”: that makes me feel comfortable and secure. When responding to an incident, it is necessary to be able to definitively state what actually happened and report a conclusive response. That’s what “incident response” is all about.
A comprehensive recovery plan that includes the ability to perform “deep dives” into all of an organization’s network data, particularly using NetFlow, lets security analysts provide that definitive answer we are all looking for.