Security firm RSA attacked using Excel-Flash one-two sucker punch

RSA attacked using Flash vulnerability
It has emerged that the underlying cause of RSA's SecurID gaffe was the recently-reported zero-day vulnerability found in Adobe's Flash Player.

The exploit, which used specially-crafted Flash embedding in Excel spreadsheets, was first reported on March 15 and has since been fixed. RSA was hacked sometime in the first half of March when an employee was successfully spear phished and opened an infected spreadsheet. As soon as the spreadsheet was opened, an advanced persistent threat (APT) -- a backdoor Trojan -- called Poison Ivy was installed. From there, the attackers basically had free reign of RSA's internal network, which led to the eventual dissemination of data pertaining to RSA's two-factor authenticators.

The attack is reminiscent of the APTs used in the China vs. Google attacks from last year -- and indeed, Uri Rivner, the head of new technologies at RSA is quick to point out that that other big companies are being attacked, too: "The number of enterprises hit by APTs grows by the month; and the range of APT targets includes just about every industry. Unofficial tallies number dozens of mega corporations attacked [...] These companies deploy any imaginable combination of state-of-the-art perimeter and end-point security controls, and use all imaginable combinations of security operations and security controls. Yet still the determined attackers find their way in."

What we'd like to know, though, is whether the attack on RSA was caused by Adobe's lackadaisical approach to patching Flash -- or was it the other way around? Was it the RSA attack that first brought the zero-day vulnerability to Adobe's attention?

Security firm RSA attacked using Excel-Flash one-two sucker punch originally appeared on Download Squad on Wed, 06 Apr 2011 06:55:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/06/security-firm-rsa-attacked-using-excel-flash-one-two-sucker-punc/

ORACLE ZORAN XILINX NUANCE COMMUNICATIONS HEARTLAND PAYMENT SYSTEMS MANTECH INTERNATIONAL L1 IDENTITY SOLUTIONS

Solar-powered Son-X Octavia now bringing 'interactive sound' to school playgrounds

Solar-powered Son-X Octavia now bringing 'interactive sound' to school playgrounds

While initially announced in the summer of 2011, the Son-X Octavia has been working its way into reality ever since. As of this month, though, the solar-powered "interactive sound device" is now shipping to schools in Europe. For those unfamiliar, the coconut-esque device straps onto a conventional swing set in order to keep kids outside -- using technology to prevent kids from becoming supersaturated with technology, if you will. The company has designed it with tight school budgets in mind, making it completely wireless, self-contained and easy to install. Once in place, swingers can activate three aural games, each of which act to "awaken the natural curiosity in children to explore the possibilities through activity." Not surprisingly, it's designed to be upgraded over time, with new titles to be made available on USB drives. The outfit's still not offering 'em direct to consumers, but those with B2B connections can grab one for €499 ($624).

Solar-powered Son-X Octavia now bringing 'interactive sound' to school playgrounds originally appeared on Engadget on Sun, 27 May 2012 04:33:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceSon-X Play, Hags  | Email this | Comments


Source: http://feeds.engadget.com/~r/weblogsinc/engadget/~3/OtpWC3afX7o/

ALLTEL KLATENCOR COMPAL ELECTRONICS VEECO INSTRUMENTS INTUIT ALLIANCE DATA SYSTEMS ATandT

This Terrible Thief Used a Stolen iPhone to Take Pictures That Synced Back to the Owner's Computer [Crime]

That's Nelson above. That's Nelson partying. That's Nelson with his girlfriend. All those pictures were taken with an iPhone he stole. Pictures that were automatically sent to the phone's original owner, Katy McCaffrey, through Photostream. McCaffrey posted a hilarious Facebook photo album detailing Nelson's various adventures with her stolen phone. More »


Source: http://feeds.gawker.com/~r/gizmodo/full/~3/kCn3KXx23i4/dimwitted-thief-uses-stolen-iphone-to-take-pictures-that-sync-back-to-orignal-owners-computer

AVNET TRANSACTION SYSTEMS ARCHITECTS HCL TECHNOLOGIES SPSS TOTAL SYSTEM SERVICES ELECTRONIC DATA SYSTEMS MICROCHIP TECHNOLOGY

MoPub Launches A “Buy It Now” Private Marketplace For Mobile Advertisers

MoPub Private Marketplace screenshotMoPub, an ad serving startup for smartphone apps, is announcing a new way for its publishers to offer their inventory to advertisers — a private marketplace limited to select publishers and advertisers. Basically, the market creates a more direct relationship, where publishers get more control and predictable pricing, while advertisers get early access. Advertisers will get first look a publisher's inventory — MoPub compares the marketplace to a eBay's Buy It Now model, where buyers can skip the auction process and just purchase an item at a set price (in this case, an ad impression). They also get access to special data like demographics, geography, and in-app purchase history.

Source: http://feedproxy.google.com/~r/Techcrunch/~3/BnhQu2VuolU/

SKYWORKS SOLUTIONS ORACLE ADOBE SYSTEMS RACKABLE SYSTEMS INGRAM MICRO NOVELL INTERNATIONAL RECTIFIER

Gillmor Gang: Adventures in Medication

Gillmor Gang test patternThe Gillmor Gang — Robert Scoble, Keith Teare, Kevin Marks, John Taschek, and Steve Gillmor — explodes in opinions about Facebook IPO, Facebook privacy or lack of it, Facebook acquisition frenzy-to-be, and more Facebook, Facebook, Facebook. Surprisingly, this one goes on for a record-breaking hour and thirty-nine minutes, proving once again that size doesn't matter. Except in electronic condoms. Also discussed; Why G-Tar didn't win the Techcrunch Disrupt grand prize, why Kevin Marks' Target knockoff doesn't come close, and why Keith Teare is a venture communist. No animals or Wall Street traders were harmed in the making of this film. As John Taschek implied, you ain't seen nothin' yet. Did I mention we talked about Facebook.

Source: http://feedproxy.google.com/~r/Techcrunch/~3/A1SMRi9ljwg/

MENTOR GRAPHICS EMULEX ARROW ELECTRONICS INTERNATIONAL BUSINESS MACHINES MILLICOM INTL CELLULAR PEROT SYSTEMS WESTERN DIGITAL

Windows 8 getting a built-in PDF reader, Metro-style

For what seems like an eternity, Download Squad readers have reacted to news of security exploits targeting Adobe Reader with a common sentiment: why doesn't Microsoft build its own secure PDF reader into Windows? Apparently the Windows 8 team agrees, and they're working away at an application called Modern Reader which is exactly that.

From the handful of screenshots Paul Thurrott has shared, it's clear that Modern Reader has been built with Metro in mind. You can see the Reader back button in the top-left corner of the yellow image and the minimal page navigation bar on the right. We've posted some larger images we managed to scrape from Google's cache after the break.

Thurrott also mentions that Modern Reader is the first program spotted which is built using AppX -- a packaging technology that may allow developers to roll a single build to both Windows 8 desktops and Windows Phone 8 mobile devices.

Continue reading Windows 8 getting a built-in PDF reader, Metro-style

Windows 8 getting a built-in PDF reader, Metro-style originally appeared on Download Squad on Mon, 04 Apr 2011 17:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/04/windows-8-getting-a-built-in-pdf-reader-finally/

EASTMAN KODAK CO VARIAN SEMICONDUCTOR EQUIPMENT ASSOCIATES ORACLE ZORAN XILINX NUANCE COMMUNICATIONS HEARTLAND PAYMENT SYSTEMS

Gadget Of The Week: The Parrot AR.Drone 2.0

parrot-drone-2There are plenty of ways to get your flight school kicks with your smartphone or tablet — this missile shooting Griffin chopper comes to mind — but few manage to ooze as much style (or cost as much money) as Parrot’s AR.Drone 2.0. Getting the thing ready to fly is surprisingly simple. Once you’ve popped the battery into place, and turned the thing on, the Drone creates its own Wi-Fi network that the control device connects to. From there, just fire up the FreeFlight app on your iOS or Android device and you’re off to the races.

Source: http://feedproxy.google.com/~r/Techcrunch/~3/uM1zLZCvch0/

ELPIDA MEMORY SYMANTEC INVENTEC QUEST SOFTWARE JDA SOFTWARE GROUP OPENWAVE SYSTEMS EASTMAN KODAK CO

A Clever Pot Holder That Disappears Before Your Eyes [Wish You Were Here]

A kitchen gadget is only as useful as it's easily accessible while you're cooking. So with that in mind, designer Chih Ching Yang created this adorable Gasper pot holder that's designed to forever haunt your kitchen counters. More »


Source: http://feeds.gawker.com/~r/gizmodo/full/~3/pCSUlh5lmpg/a-clever-pot-holder-that-disappears-before-your-eyes

ITRON GOOGLE COMCAST HEWLETT PACKARD CO TIBCO SOFTWARE ACER SYBASE

First fifty Galaxy S III owners to win Olympic tickets

Galaxy S III

An email from the Samsung store at Westfield Stratford City, London has just arrived in our inbox, with details of the Galaxy S III launch event on the evening of next Tuesday, May 29. As we've already reported, Samsung's kicking things off a little early for pre-order customers at its branded store at the London shopping center. Invites are being sent out for 5pm, with the first sales taking place an hour later at 6, assuming you've pre-ordered your S III.

And to sweeten the deal, the first 50 Galaxy S III's sold at the Samsung store will win free tickets to this summer's London games. Being the official phone of the Olympics, it's not surprising to see a little cross-promotion from Samsung. (Earlier in the week we reported on limited "Olympic editions" of the Galaxy Note and Galaxy Y being sold through O2 UK.)

Anyone planning on heading down to Stratford for the Galaxy S III launch next Tuesday? Shout out in the comments!

Source: http://feedproxy.google.com/~r/androidcentral/~3/w0QV3CnOvGQ/story01.htm

ALLTEL KLATENCOR COMPAL ELECTRONICS VEECO INSTRUMENTS INTUIT ALLIANCE DATA SYSTEMS ATandT