Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The worst security SNAFUs this year (so far!)

Ellen Messmer | July 16, 2014
From denial-of-service attacks to cyber-espionage to just plain old human flubs, network security SNAFUS abound.

American Express was informed by the Secret Service that several large files containing personal information amounting to almost 76,608 American Express account records were posted on Internet sites by individuals claiming to be associated with the worldwide hacking collective Anonymous. AmEx said it was working to prevent a similar compromise.

Microsoft commandeered part of an Internet service provider's networks in order to shut down a criminally-operated botnet based on malware known as Bladabindi-Jenxcus. But the Nevada-based company, No-IP (a DNS provider owned by Vitalwerks) complained Microsoft's actions interfered with customers that had nothing to do with the botnet. Microsoft admitted it made a technical error, admitting some No-IP customers "whose devices were not infected by the malware experienced a temporary loss of service." Microsoft and Vitalwerks later reached a settlement related to the subdomains used to control the malware.

Code Spaces, a hosting provider on Amazon EC2 used by organizations for project management and development needs based on Subversion and Git, was forced to close down after attackers first slammed them with a denial-of-service attack to demand ransom — and then wiped out most of their customer-held code when they refused to pay it.


Previous Page  1  2  3  4  5 

Sign up for CIO Asia eNewsletters.