Fahmida Y. Rashid

Security software producer Barracuda Networks was hit by a SQL injection attack launched on April 9 while the company’s own Barracuda Web Application Firewall was offline for scheduled maintenance, Michael Perone, Barracuda Network executive vice president, wrote April 12 on the corporate blog. The attacker uncovered email addresses of select Barracuda employees with their passwords […]

McAfee has updated its intrusion prevention system to add network analysis capabilities to virtual machines and to improve its botnet detection capabilities. With the latest version of the Network Security Platform, administrators can use a single platform to monitor network traffic, regardless of the environment. The latest Network Security Platform, at version 6, allows administrators […]

Sony has settled its lawsuit against GeoHot, the hacker who published the secret key to jailbreak the PlayStation 3 console. George Hotz’s code allowed users to install unofficial firmware and games on the gaming platform. Hotz agreed to stop sharing the offending code and to also drop all future attempts to gain “unauthorized access to […]

The data breach at Epsilon dominated headlines this week, as companies worried about potential phishing attacks. Several reports also highlighted malware and targeted attacks for mobile devices. The week began with EMC announcing its acquisition of network forensics vendor NetWitness. EMC was already a customer, as the RSA Security chairman had disclosed on a conference […]

U.K. police have arrested three alleged members of the SpyEye gang. Security researchers consider SpyEye, a banking Trojan that harvests victims’ personal credentials, the de facto successor to the Zeus Trojan. Two of the men were charged on April 8, but the third man was released on bail on the condition that he return for […]

Koobface, the worm that wreaked havoc on Facebook last year appears to have stopped using the social-networking site to spread its malicious links, security researchers found. The last time Koobface tried to infect users was around February 13, researchers at security firm FireEye noted on its Malware Intelligence Lab blog on April 8. The link […]

Each day, a new company is added to the list of clients affected by the massive data breach at email marketing provider Epsilon. Now, several U.S. senators and House representatives are demanding more details about the magnitude of the breach and how the email thefts are impacting consumers. U.S. Sen. Richard Blumenthal of Connecticut wrote […]

Microsoft’s massive April Patch Tuesday will tie the record for the most security bulletins released at one time. It is a dramatic contrast to last month’s skimpy Patch Tuesday release, which only contained three security bulletins. On April 12, Microsoft plans to release 17 security bulletins, including nine that are rated “Critical” and eight rated […]

Department of Homeland Security personnel and contractors who work on cyber-security would be considered “essential” employees and would not be furloughed if the government shuts down, according to DHS officials. Federal agencies and departments are trying to determine which employees will have to stay at home when the current stopgap spending expires April 8. Congress […]

Cyber-attackers hacked one of the sites belonging to the U.S. Postal Service to redirect visitors to an attack portal containing Trojans. The attackers used a kit to launch the Javascript attack. The USPS national customer support center, ribbs.usps.gov, was compromised using the Blackhole Exploit Kit, researchers at Zscaler said April 7. Attackers injected malicious Javascript […]