http://www.computerworld.com/s/article/9222422/RSA_security_lapse_led_to_March_hack_says_researcher By Gregg Keizer Computerworld December 5, 2011 The attack that hacked RSA Security's network earlier this year succeeded because the company failed to take a basic security precaution, a researcher said Monday. According to Rodrigo Branco, the director of Qualys' vulnerability and malware research labs, the malware targeted the decade-old Windows XP. "The feeling is the target[ed PC] was running Windows XP SP3 ... with all the patches," said Branco in emailed answers to questions. The problem, said Branco, is that while Windows XP includes the DEP (data execution prevention) defensive technology -- Microsoft added DEP to XP in 2004 with Service Pack 2 -- it's not switched on by default. And RSA apparently neglected to turn it on. [...] _____________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Tue Dec 06 2011 - 02:54:03 PST
This archive was generated by hypermail 2.2.0 : Tue Dec 06 2011 - 02:58:56 PST