LulzSec hack timeline: Doing it for the lulz
Fresh from their latest hack, Computerworld Australia brings you a timeline of LulzSec's major scalps
If deployed correctly, encryption does not need to be a headache. Instead, encryption can be an enabler to achieve the flexibility, compliance and data privacy that is required in today's business environments.
Last October a large company revealed that an employee mistakenly sent an email to an unauthorized recipient containing the names and Social Security numbers of former employees. Six months earlier, a larage Texas university accidentally exposed personal information about as many as 4,000 alumni in an electronic file accidentally attached to an email sent to one person who had requested a transcript. That's just the tip of the iceberg in insider-triggered security breaches.
New sophisticated attacks designed to take advantage of security-challenged end users are evolving so rapidly that technology solutions, security policies and procedures alone cannot protect critical company assets and data. Recent research from Deloitte revealed that 70% of the companies surveyed indicated that employee mistakes were a major threat, with lack of security awareness being cited as a major vulnerability.
Although vendor-written, this contributed piece does not advocate a position that is particular to the author's employer and has been edited and approved by Network World editors.
Besides the fraudulent security certificates Dutch authority DigiNotar issued for Google.com, more were made for Yahoo.com, Mozilla.org, torproject.org, wordpress.org and an Iranian blogging platform, Baladin, according to a Dutch report.
Almost 50% of Australian security executives are concerned about the current state of their company’s security in dealing with advanced attacks. Find out in this infographic the survey results of how respondents feel about dealing with security breaches effectively.