Microsoft also victim of recent watering hole attack
Posted on 25 February 2013.
Microsoft has followed in the steps of Twitter, Facebook and Apple, and has confirmed on Friday that it has recently experienced a security intrusion.


"During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations," stated Matt Thomlinson, General Manager of Microsoft's Trustworthy Computing Security, and added that so far, they have found no evidence of customer data being affected, but that the investigation is still ongoing.

"This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries. We continually re-evaluate our security posture and deploy additional people, processes, and technologies as necessary to help prevent future unauthorized access to our networks," he concluded.

He shared no more details about the breach for the time being.

Twitter, Facebook and Apple have recently notified the public about the breaches into their internal networks, which were the result of a watering hole-type of attack.

The watering hole in question was the iPhoneDevSDK forum site, popular with mobile developers, and the attacker have managed to infect the visitors' computer by serving exploits for (at the time unpatched) Java vulnerabilities.

It is still unknown whether the attack was aimed at these high-profile targets, but what is known is that it wasn't limited to them - any visitor that still had Java enabled on his browser or computer was bound to be affected.

So let me reiterate once more: if you don't need Java, remove it from your devices. If you're not sure whether you need it or not, remove it and see how it goes. If you miss it and can't do without it, you can always install it again.





Spotlight

Using Hollywood to improve your security program

Posted on 29 July 2014.  |  Tripwire CTO Dwayne Melancon spends a lot of time on airplanes, and ends up watching a lot of movies. Some of his favorite movies are adventures, spy stuff, and cunning heist movies. A lot of these movies provide great lessons that we can apply to information security.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //