Amichai Shulman

Operation Shady Rat reveals vulnerability to cyber intrusion

A new McAfee report details a massive attack, ongoing for at least five years, that has targeted corporations, governments and even tiny nonprofits. While the last few months have seen an unprecedented number of high-profile breaches - including intrusions into RSA, Lockheed Martin, Sony, Fox, PBS, the U.S. Senate and the CIA - Wednesday's release of a white paper by security firm McAfee detailing a breach campaign it is labeling Operation Shady Rat stands to pass them all.
 

Analysis: Do "leaderless" revolts contain seeds of own failure?

LONDON (Reuters) - From the streets of Cairo and Madrid to online forums and social media sites, "leaderless" protests are on the rise. But the very qualities that led to their short-term success may condemn them to failure in the long run.
 

Life after Stuxnet: Infrastructure safeguards

The cyberattack last summer on Iran's nuclear facilities has upped the ante for decision-makers in charge of critical infrastructure and enterprise networks, reports Greg Masters.
 

Oracle releases 66 fixes in its quarterly patch cycle

Oracle released 66 security patches for 43 Oracle security vulnerabilities and 23 for Sun software. On Tuesday, as part of its quarterly release cycle, Oracle released 66 security patches to fix 43 Oracle security vulnerabilities and 23 for Sun software. Many of the patches were for threats ranked at the highest risk level under the Common Vulnerability Scoring System (CVSS) version 2.0.
 

Cyberespionage: Raids from afar

The Google-China attacks, revealed in January, kicked off a year in which the threat of cyberespionage to steal corporate and government secrets firmly entrenched itself as part of the security battle zone. Rather than cloaks and daggers, today's spies are armed with computers capable of reaching anywhere in the world, reports Greg Masters. Move over James Bond, you're an anachronism. If you don't know how to get past a firewall, a martini shaken, not stirred, won't help you anymore. Nor will any gadget devised by Q. When a group of eight Republican senators warned the Obama administration last August to be wary of the possibility of a Chinese vendor winning a bid to sell equipment to American telecom giant Sprint Nextel, they argued that the company, Huawei, had supplied equipment to Saddam Hussein's regime in Iraq and Iran's Islamic Revolutionary Guard. They also said that because the company reportedly had ties with China's People's Liberation Army (PLA), the selection would "present
 

Finnish firm finds hard-to-detect online attacks

HELSINKI (Reuters) - All network security equipment, the strongest of which is used by the financial industry, is exposed to a new kind of online attack, Finnish data security vendor Stonesoft said on Monday.
 

Servers hacked to launch more powerful DDoS attacks

Researchers at security firm Imperva have discovered a botnet made up of hundreds of servers that is capable of launching something more powerful than traditional distributed-denial-of-service (DDoS) attacks. Researchers at security firm Imperva have discovered a botnet consisting of web servers, rather than individual PCs, that is being used to launch more devastating denial-of-service (DDoS) attacks. An attacker by the name of "Exeman" has infected around 400 web servers with a simple 40-line PHP script, which includes a malicious application that can be used to launch DDoS attacks, Imperva CTO Amichai Shulman told SCMagazineUS.com on Wednesday. The application provides a dashboard and control panel that can be used to input the URL of an intended target and configure the IP, port and duration of the attack, Shulman said. The attacker may have leveraged a common flaw, called a remote file
 

RockYou hack reveals most common password: '123456'

A recent analysis of 32 million passwords, obtained in the RockYou.com hack, has revealed that nearly 300,000 individuals used '123456' as their password. A recent analysis of 32 million passwords, obtained in the RockYou.com hack, has revealed that the most commonly used password on the site was '123456,' according to database and application security vendor Imperva. After analyzing the data, researchers at Imperva Application Defense Center determined that 290,731 individuals used '123456' as their password. The second most common password, used by 79,078 individuals was '12345,' and the third most popular password, used by more than 76,790 individuals, was '123456789.' "It was surprising," Amichai Shulman, CTO at Imperva, told SCMagazineUS.com on Friday. "We expected to see weak passwords, but we did not expect the magnitude of this." The passwords were obtained in December by a hacker with the alias 'igigi,' who was able to break into the database of RockYou, a provider of applicati
 

RockYou hack compromises 32 million passwords

A hacker was able to break into the RockYou database and hijack the account credentials of tens of millions of members. A hacker was able to break into the database of RockYou and obtain 32 million clear-text passwords through an SQL vulnerability. Researchers at database security firm Imperva discovered the flaw in RockYou.com, which provides applications and services for social networking sites like Facebook and MySpace. Imperva notified the site then issued a warning about the flaw, Amichai Shulman, CTO of Imperva, told SCMagazineUS.com on Tuesday. But before RockYou could fix the bug, at least one hacker, using the alias "igigi," claims to have broken into the database and obtained the RockYou credentials of all users - totaling more than 32.6 million. He was able to steal the information because users' email addresses and passwords were stored in clear text, meaning they were not rendered unreadable through encryption or any other methods, Shulman said. "So once I get the credentia
 

Yahoo Careers website patched to close SQL flaw

Yahoo has fixed a dangerous blind SQL vulnerability in its career website that could have allowed for the theft of personal data belonging to job hunters. Security researchers have helped to close up a blind SQL injection vulnerability on Yahoo's careers website. Through their normal surveillance of cybercrime forums, researchers at web application firewall provider Imperva noticed discussion about the flaw, present on careers.yahoo.com and which could allow attackers to extract database contents, including personal information. The researchers, though, did not see the cybercrooks attempting to exchange any stolen data. Amichai Shulman, Imperva's CTO, said he confirmed the flaw and, on Thursday, notified Yahoo, which pushed out a fix within hours. The vulnerability is different than a traditional SQL injection flaw, he told SCMagazineUS.com on Monday. Typically, to pull off a SQL injection exploit, attackers enter a specially crafted query into a web form, which tricks the database into ret
 

Mass SQL injection attacks still scaling up

The mass SQL injection attacks that gained attention earlier this week are continuing, with some 210,000 pages infected so far. All of the attacks are coming from IP addresses based in China, Amichai Shulman, CTO of database security firm Imperva, told SCMagazineUS.com Thursday. "This is something unique, as usually attacks of this nature come from infected bot PCs based all over the world rather than in one country," he said. "In this latest wave, we have recorded the attack coming from more than 60 servers based in China, attacking sites around the world, rather than the global network typically seen in such attacks." The attack works in two stages. The first is to infect the target web pages, and then when visitors browse to the infected pages, malware is downloaded to their machines. "They have a counter to tally the number of infected machines, and as of We
 

Network Solutions was PCI compliant before breach

Web hosting firm Network Solutions on Friday announced that, despite its being PCI compliant, a breach had compromised approximately 573,928 individuals' credit card information. Network Solutions discovered unauthorized code on its servers used to support thousands of e-commerce merchants' websites, Susan Wade, director of communications at Network Solutions, told SCMagazineUS.com on Monday. The company determined that the unauthorized code may have been used by cybercriminals to capture transaction data, including customer names, addresses, and credit card numbers, and transfer it to servers outside of the company, she said.
 

Oracle patches for high-severity flaws

Oracle has issued security patches for a number of its products, including several fixes that were rated as "high" severity. Oracle has issued security patches for a number of its products, including several fixes that were rated as "high" severity on the Common Vulnerability Scoring System (CVSS), with a base score of more than 7 [out of 10], according to the company's advisory.