The Finnish security provider F-Secure concludes the attack e-mail doesn't look too complicated. In fact, it's very simple. But the exploit inside Excel was a zero-day attack at the time and RSA couldn't have protected against it by patching its systems.
We're pleased that two members of Congress have asked the Government Accountability Office to study whether federal regulators are adequately addressing the security risks involved in using wireless medical devices.
"Veterans should have consistent and convenient access to reliable VA information real time using social media, whether on a smartphone or a computer," Secretary of Veterans Affairs Eric Shinseki says.
"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
Social media, mobility and cloud computing are new areas of risk for organizations, and risk managers need to go back to the fundamentals of understanding the information they are protecting, says Robert Stroud, ISACA's international vice president.
"If not properly implemented, telework may introduce new information security vulnerabilities into agency systems and networks," Office and Management and Budget Director Jacob Lew warns in a White House memo.