Fahmida Y. Rashid

A scammer managed to spear phish media giant Conde Nast and walk off with $8 million after he posed as a legitimate business. With the specter of spear phishing looming in the post-Epsilon-and-Silverpop world, the Conde Nast incident is a timely reminder of how easy it is to fall for a scam. The steps were […]

Symantec identified more than 286 million new threats in 2010, according to its annual threat security report. The report highlighted increasingly sophisticated attacks, the growth of networking sites as an attack vector, using Java to spread malware, an increase in rootkits and a shift toward smartphone attacks. Not only were there more threats in 2010, […]

If you are even remotely concerned about online privacy, you might reconsider using the Color mobile application, as it is worthless if you aren’t willing to share your location information. Graham Cluley, a senior technology consultant at Sophos, pointed out on the NakedSecurity blog that Color is up-front about the lack of privacy in its […]

Epsilon, a large email marketing services company with a roster of A-list clients, reported a data breach that is impacting practically anyone who has ever signed up to receive a retail offer or alert through its email account. The company warned that thieves may use the information to launch a phishing campaign to trick users […]

Data breaches dominated headlines this week, but there were also some good news from the botnet front to finish out the month of March. The week began with a gloating email from the person claiming to have been behind the attack on Comodo partners that resulted in nine fraudulent SSL certificates being issued. While Iranian, […]

Cyber-attackers shifted away from traditional methods to Web-based attacks in 2010, thanks to the proliferation of Web-based plug-ins and attack toolkits, according to a new security report compiled by Hewlett-Packard. Web-based attacks jumped from only a tenth of all attacks at the beginning of 2010 to more than 70 percent of all attacks by the […]

With a number of high-profile data breaches dominating headlines recently, especially the latest one from email marketing company Epsilon, smaller companies may be wondering what they can do to ensure how they can survive a similar attack. The answer seems to be training employees to recognize targeted attacks using these “real-world” incidents. Epsilon, a large […]

Security experts warned that users needed to be extremely vigilant and brush up on their security awareness to ensure they don’t fall victim to phishing emails expected after a data breach at a major marketing firm compromised several email lists. Epsilon, a large email marketing services company with a roster of A-list clients, disclosed April […]

The sophisticated attack that breached RSA’s defenses and allowed attackers to steal SecurID data appears to have begun as a phishing attack, according to several security analysts briefed by the company. RSA has faced some criticism from about its internal security practices. During a private call with security analysts, the executive chairman of RSA Security, […]

Silverpop attackers are finally beginning to monetize the customer data they stole last fall from the email marketing company. The spam campaign using email addresses stolen from Silverpop’s database appears to be pushing the fake Adobe Reader update scam. The first sign came March 27 when Play.com customers reported receiving spam with links pointing to […]