IT Security Rewind – August 22, 2011

August 26, 2011 CyberArk

by Josh Arrington

What could 43,000 Yale graduates, the Securities and Exchange Commission, the Maine voter registration system and RSA possibly have in common? Their data has all been tampered with. In this week’s IT security rewind we’ll reveal the email that took down RSA, review this week’s noteworthy data breaches and question the SEC’s involvement in data destruction associated with the Bernie Madoff case. What a week!

Dear RSA, “I forward this file to you for review. Please open and view it.” – It’s been a rough week for RSA, as researchers at F-Secure believe that this email carrying an infected Excel sheet may be the sole cause of the major phishing breach that tainted the company’s reputation. According to IDG, “The e-mail was sent on March 3 and uploaded to VirusTotal, a free service used to scan suspicious messages, on March 19, two days after RSA went public with the news that it had been hacked in one of the worst security breaches ever.”

Mainers and Yale Grads Beware! Since the beginning of the “IT Security Rewind,” we have yet to go a week without some sort of publicized data breach, and this week is no different. This Tuesday, Yale University notified about 43,000 faculty, staff, students and alumni that their names and Social Security numbers were publicly available via Google search for about 10 months. What’s interesting about this breach is that a File Transfer Protocol (FTP) server on which the data was stored became searchable via Google as the result of a change the search engine giant made last September.

The very next day, voters in the state of Maine were notified that a CVS-linked computer in one of the town offices was infected with data-stealing malware.

The Bernie Saga won’t end – and this week data surrounding the case takes center stage as the Securities and Exchange Commission (SEC) has been accused of destroying thousands of data files on high-profile inquiries, including an early-stage investigation into Bernie Madoff. Whether or not privileged access played a role in this possible tampering is unclear; however, according to CSO Online, “Senator Chuck Grassley, the senior Republican on the Senate Judiciary committee, said the data that the SEC is alleged to have destroyed – between 1993 and 2010 – also concerned investigations into alleged insider trading at Deutsche Bank, SAC Capital and collapsed bank Lehman Brothers; as well as into corporate practices during Goldman Sachs’ trading of complex products with insurer AIG.”
