Access your Pro+ Content below.
Lessons learned from VeriSign, Symantec breaches
This article is part of the March 2012 issue of Information Security magazine
If 2011 proved anything, it was that security vendors are clearly in the crosshairs of hackers and cybercriminals: Security giant RSA, HBGary Federal, digital certificate authorities Comodo and DigiNotar all fell victim. Then not even a week into 2012, news broke that attackers compromised another industry giant, Symantec. Then only a month later, news hit of another breach, this time VeriSign. So the trend continues. These breaches hit the industry hard. They’re not just about some exposed credit card numbers or email addresses, but in some cases, threaten the core technology organizations rely on. In the case of RSA and theft of SecurID-related IP, the impact was far reaching for its customers and the industry as a whole [see p. XX for our in-depth analysis]. The CA compromises eroded trust in the CA system overall. Fallout from the Symantec breach continued to unfold in early February, after a hacker released the source code for the company’s pcAnywhere software. In January, the company took the drastic step of telling ...
Features in this issue
Learn about SIEM technology and how to unlock the opportunity for SIEM technology to be a powerful technique in the fight against cybercrime.
The attack on RSA shook the security industry to its core: A look at the breach’s far reaching impact.
There’s a lot of hype about next-generation firewalls. Here’s what you need to know.
Poorly configured remote administration tools are a common attack vector, security experts say.