Stolen credentials, basic security lapses at core of 2012 breaches

Robert Westervelt, News Director

A common thread could be weaved through the high profile data breaches that took place in 2012. Attackers are targeting basic security lapses and configuration errors or bypassing security systems altogether by using stolen account credentials

    Requires Free Membership to View

to appear as a legitimate user on the network.

In this edition of the Security Squad podcast, the SearchSecurity editorial team discusses some of the lessons learned from the top breaches of 2012. From source code leaks to credit card data, from poorly protected email and account credentials to intellectual property, attackers demonstrated that they can get into corporate systems and often remain there undetected for extended periods.  

Emerging password alternatives have some complex hurdles to climb before becoming mainstream. Multi-factor authentication is being implemented by more websites, but implementation needs to be rolled out systematically and more of an effort needs to be made to encourage people to more broadly adopt the protection.  

Security awareness training is essential in reducing social engineering attacks, but the training must be done in a way that makes it personal for the end user. Programs that teach employees how to protect their children and their banking activities could eventually foster awareness and translate into better protecting the company data, experts say.

Listen to the Security Squad podcast or right click and download the MP3.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: