SecurityWeek

Although it’s a little early for the “what did you do on your summer vacation?” essay, I have mine done. I vacationed in Orlando with my family last week. We did the whole Universal Studios/Disney thing, and had a blast. Although my kids called me a geek for doing so, I pondered the meaning of various happenings and observations that week. Here’s my attempt to unpack the significance of these events.

International Operation Targeted Two Cybercriminal Rings That Caused More than $74 million in losses The Department of Justice and the FBI, along with other law enforcement agencies around the world, announced the indictment of two individuals from Latvia as part of Operation Trident Tribunal, an ongoing operation targeting international cyber crime.

It’s rare that a day goes by without seeing news of another breach or other form of cyber attack in the news headlines. According to a recent survey, organizations are currently experiencing multiple breaches, with more than half (59 percent) of respondents citing two or more breaches in the past 12 months.

Do you allow your employees to surf using open wireless networks from their phones or laptops? What are the easiest ways that attackers can sniff email or gain access to corporate information from these devices? What are the best ways to protect corporation information on the go?

RSA, the Security Division of EMC, has been in the news lately, and not in a good way. The first shoe dropped in March, when the company disclosed via press release that an unknown attacker, likely a state-sponsored actor, stole certain unidentified assets related to its SecurID product.

McAfee announced enhancements to its security management solution today, adding automated and real-time security and risk analytics to help customers proactively identify, assess, manage and report on enterprise security.The McAfee Security Management solution delivers complete integration between its McAfee® ePolicy Orchestrator® platform, McAfee® Risk Advisor, and McAfee endpoint products to enable organizations to gain visibility of security and risk events across on-premise or hosted desktop, network, or server.Enhancements to the updated soution include:

TLS, Transport Layer Security, is a means of securing the transmission of email between two MTAs (mail transfer agents). It prevents an eavesdropper from capturing the headers and body of an email in clear text. TLS is a near-universal feature of MTAs (there are some MTAs that privilege speed over security that lack the feature), and mail administrators usually have it enabled such that anyone attempting to send an email can request its use and negotiate a TLS session.

Skype allows customers to communicate over Voice over Internet Protocol (VoIP) platforms. And because it is encrypted, Skype, which was recently purchased by Microsoft for $8.5 Billion, is used by many businesses today for their international phone calls. What researchers have found, however, is a novel way to decrypt those conversations without ever knowing the encryption key.

Not a week goes by without Web hacking – Sony (again!), FBI, Citibank, ADP, and many others that we don’t even hear about. At best, companies are tinkering with their Web security issues instead of attacking them head-on.

Related News: ADP Experiences Security BreachCitigroup on Wednesday night said a cyber attack in May affected 360,083 of its customers, almost twice the initial number of customers originally reported.

HR and Payroll outsourcing giant Automatic Data Processing, Inc., (ADP) experienced a system intrusion, that as of now, has affected one client. In an announcement this afternoon, ADP said that it was investigating and taking measures to address the impact of a system intrusion that occurred with a client at Workscape, a benefits administration provider that ADP acquired in August 2010. Though the incident is limited to a single client, ADP didn't say if and how many records from the...

Lockheed Martin, the largest provider of IT services, systems integration, and training to the U.S. Government, today announced "BlackCloud", a secure turnkey private cloud solution for government agencies designed to minimize risk while addressing compliance and mission requirements.

Mobile devices bring incredible benefits in terms of productivity and efficiency in the workplace and for personal use. But there’s a catch: "The ways smart phones, laptops and tablets interconnect work life and personal life raise serious security challenges for organizations—and the stakes are high,” according to Alastair MacWillson, global managing director of Accenture’s global security practice and SecurityWeek columnist.

Not only is Capitol Hill pushing cybersecurity legislation to the top of the agenda, but the Department of Defense has declared that real-life military retaliation can be a valid response to cyber attacks.

Long-time President and COO Assumes Top Executive Position