Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Waveduke - thanks for the laugh. It would just be nice to see (besides the cc) something from Lee. Its been so quiet. Those 6 to 10 co's were about a year ago. Anyways 10 years plus and still hanging in there. I bet I'm not the only one with WIRBRS. Again, thanks for the laugh.
Genz2
Past CC's
Do you ever notice how all the analysts say good quarter SKS before they ask him a question? It would be nice if an analyst said lousy quarter Steven, why aren't you profitable? The reason I say this is because it seems like its become acceptable to not be profitable. We're thanking SKS for another non-profitable quarter. Isn't that what one of the chief aims of a corporation is to be profitable?
Is Wave involved, should they be:
Amazon Web Services Launches Amazon GovCloud
Amazon Web Services (AWS) has launched Amazon GovCloud, a tool intended to provide U.S. government agencies a means to securely move their workloads into the cloud, the company announced Tuesday.
In the past, government agencies have been hesitant to make the move into the cloud because many cloud servers don't comply with rules like the International Traffic in Arms Regulations (ITAR), which requires that data only be accessible in the United States. But Amazon said GovCloud content cannot be accessed by people outside of U.S. borders.
Because of the limited access, Amazon said agencies can safely move more sensitive data while remaining in cooperation with government regulations. GovCloud supports the same security controls available in existing AWS regions such as FISMA, FIPS 140-2 compliant end points, SAS-70, ISO 27001, and PCI DDS Level 1. It's also in line with HIPPA laws.
NASA is among the 100 plus agencies using AWS GovCloud.
"Today, over 100 government agencies are taking advantage of AWS and we're excited to continue working with agencies as they implement the Federal Cloud First policy to become more efficient, agile, and innovative through more effective use of technology infrastructure," vice president of AWS global public sector Teresa Carlson said. "AWS is the next step in that evolution."
AWS services provided in GovCloud include Amazon Elastic Compute Cloud (Amazon EC@), Amazon Simple Storage Service (Amazon S3), and Amazon Virtual Private Cloud (Amazon VPC).
Last week, Amazon's cloud services suffered a stateside cloud outage that affected popular services like Foursquare, Reddit, and Netflix. A larger outage also hit the service in April.
In recent months, government agencies hit by budget cuts have considered or moved to cloud services. In June, Wyoming became the first state government to fully migrate to the Google cloud, which is expected to save the state $1 million a year. In December, the U.S. General Services Administration decided to move its 17,000 employees onto Google's hosted Web apps.
Cloud successes for Google have not pleased Microsoft. In April, Microsoft said that Google's Google Apps for Government are not FISMA compliant. Microsoft's BPOS-Federal suite of apps later received FISMA certification.
http://www.pcmag.com/article2/0,2817,2391261,00.asp
Remembering...
Remember when Wave used to have an interesting PR about every three weeks or something interesting coming down the pike. We haven't seen anything since BASF. We've got BP, a gov't contract in 2050, a company in Amsterdam that we're 'talking to' and a lot of enthusiasm and excitement.
WHEN IS WAVE GOING TO 'Get Er Done' No more excuses Wave.
GET ER DONE.
One frustrated shareholder. PROFITABILITY. WHEN?????????? Shareholders deserve real results after hearing all the excitment and enthusiasm from the 3rd q cc 2010. C'mom Man.
From the cc and maybe telling of the future:
"We have other accounts that are in the pipeline, some of which that we've been informed we're winning the business, but we have yet to actually receive this specific purchase order. We expect to close those in both third and fourth quarter. So we're looking forward for a pretty strong next couple of quarters from an enterprise perspective as well."
June Hack of Washington Post Netted 1.27M User Account Details
July 7, 2011 03:02pm EST
Unknown hackers broke into The Washington Post's Jobs website last month, stealing about 1.27 million user IDs and email addresses, the newspaper revealed Thursday.
An "unauthorized third party" attacked the paper's job listings site and gained access to user information in "two brief episodes" on June 27 and June 28, according to the Post. Aside from the theft of user IDs and email addresses, "no passwords or other personal information was affected," the newspaper stated.
The Post assured its users that "[t]heir Jobs accounts remain secure," though warned that those whose email addresses were stolen may receive spam email as a result.
The newspaper did not know the precise number of individuals affected but estimated that "roughly 1.27 million" user accounts were accessed by the hacker or hackers. The Post did not elaborate on the methods used by the intruders or vulnerabilities in its systems that might have given outsiders access to users' private information.
"We quickly identified the attack and took action to shut it down," the paper's announcement stated. The Post claimed it had "implemented additional measures to prevent against a similar act in the future," is auditing the Jobs site's security framework, and is cooperating with law enforcement in investigating the intrusion.
The security breach is the latest in a series of high-profile and seemingly random cyber-attacks on corporate and government properties that have made headlines in recent months, including several that targeted media organizations like Fox.com and PBS.org, as well as gaming networks like Sony's PlayStation Network.
But unlike recent attacks carried out by "hacktivists" like Anonymous and LulzSec that seem politically motivated and even prank-like, the Post intrusion may have been the work of traditional profit-motivated cybercriminals, if the paper's contention that collecting email addresses to spam was the motive.
http://www.pcmag.com/article2/0,2817,2388200,00.asp
PayPal UK Twitter account hacked apparently by angry customer
Hack is second high-profile hack of the week against Twitter accounts, showing weakness of single-password process for critical accounts
A disgruntled customer appears to have taken control of PayPal UK's Twitter account and has used it to complain about the service in a series of angry tweets on the service.
The person, who has not given any clue to their identity, has put out a series of tweets complaining that PayPal froze their account and seeking to embarrass the company by linking to paypalsucks.com, which says it is "an anti paypal site exposing the nightmare of doing business 'the paypal way'." It is not known whether the customer has any link to paypalsucks.com, which was first registered in 2000 and has remained under the same owner since.
A spokesman for PayPal UK said that the company is looking into what happened but emphasised that it was only the Twitter account, and not any of the sensitive customer systems with credit card or other data that had been breached. Twitter accounts are protected by a simple password which can sometimes be guessed or stolen and means that the service can be accessed by anyone with that password.
Earlier this week the Twitter account of Fox News politics was hacked by a group with links to the Anonymous hacker collective, and used to falsely claim that Barack Obama had been assassinated.
One was to prevent such account hacking would be to introduce "two-factor authentication" to certain accounts. That would require anyone who tried to log in from a different computer, or after a specific delay, to get an authentication code sent from Twitter to a mobile phone, or use a preset code. The Guardian has asked Twitter whether it plans to introduce this, though so far without response.
Ebay-owned PayPal has more than 100m credit card accounts.
Update 10.10pm: Twitter has suspended the PayPal UK account.
http://www.guardian.co.uk/technology/blog/2011/jul/05/paypal-uk-twitter-hack-customer
"Indestructible" Botnet Malware Infected 4.5 million PCs
A virtually indestructible botnet malware has ensnared more than four million PCS globally in the first three months of 2011, according to Kaspersky Labs, which described it as the “most sophisticated threat” to computer security today.
In a posting on their blog, the Moscow-based anti virus firm described the malware as “the most sophisticated threat today”. It is a variant of a virus known as TDSS, which Kaspersky has numbered TDL-4.
TDSS uses a range of methods to evade signature, heuristic, and proactive detection, and uses encryption to facilitate communication between its bots and the botnet command and control center. TDSS also has a powerful rootkit component, which allows it to conceal the presence of any other types of malware in the system.
The post goes into great detail on the technical specifications of the sophisticated malware that communicates using encrypted messages and relays messages through proxy servers to protect the command and control servers.
Once infected, the target PC joins this ever-growing botnet. A botnet is a network of infected computers that can be used, without the owners knowledge, to flood spam messages or launch attacks on other computers. Botnets are controlled by command and control servers. In the past law enforcement agencies have targeted these servers, successfully taking control of the botnet away from the cybercriminals. In this case the virus authors have taken steps to protect their network.
The new protocol encryption algorithm for communications between the botnet control center and infected machines ensures that the botnet will run smoothly, while protecting infected computers from network traffic analysis, and blocking attempts of other cybercriminals to take control of the botnet.
The malware infects the master boot record, the part of the PC system that boots first before the operating system loads. By getting in so early in the computers cycle, the virus can exert control far more easily, making it easier for it to avoid detection and to disable counter-measures. It also takes steps to stop other viruses from attacking the same computer.
TDL-4 is a bootkit, which means that it infects the MBR in order to launch itself, thus ensuring that malicious code will run prior to operating system start. This is a classic method used by downloaders which ensures a longer malware lifecycle and makes it less visible to most security programs.
TDL nimbly hides both itself and the malicious programs that it downloads from antivirus products. To prevent other malicious programs not associated with TDL from attracting the attention of users of the infected machine, TDL-4 can now delete them. Not all of them, of course, just the most common.
Most of the more than 4.5 million victims, 28%, are in the U.S. but Kaspersky reports significant numbers in India (7%) and the U.K. (5%). France, Germany, Mexico and Canada all played host to about 3% of infections each.
http://blogs.wsj.com/tech-europe/2011/07/01/indestructible-botnet-malware-infected-4-5-million-pcs/?mod=google_news_blog
Microsoft 365 Office...
With this being launched today and Microsoft being behind its end to end trust (TPMS) why is microsoft making it a requirement to use a TPM in authentication to the cloud. How are they protecting the cloud version of Office? It seems like the TPM would be a good place to start for Wave and Microsoft.
Lulzsec and Anonymous Declare Open War Against All Governments and Fat Cats
Jesus Diaz —Lulzsec and Anonymous Declare Open War Against All Governments and Fat CatsLulzsec and Anonymous have just declared full open war against all governments, banks and big corporations in the world. They are calling all hackers in the world to unite. Their objective is to fully expose all corruption and dark secrets:
Salutations Lulz Lizards,
As we're aware, the government and whitehat security terrorists across the world continue to dominate and control our Internet ocean. Sitting pretty on cargo bays full of corrupt booty, they think it's acceptable to condition and enslave all vessels in sight. Our Lulz Lizard battle fleet is now declaring immediate and unremitting war on the freedom-snatching moderators of 2011.
Welcome to Operation Anti-Security (#AntiSec) - we encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word "AntiSec" on any government website defacement or physical graffiti art. We encourage you to spread the word of AntiSec far and wide, for it will be remembered. To increase efforts, we are now teaming up with the Anonymous collective and all affiliated battleships.
Whether you're sailing with us or against us, whether you hold past grudges or a burning desire to sink our lone ship, we invite you to join the rebellion. Together we can defend ourselves so that our privacy is not overrun by profiteering gluttons. Your hat can be white, gray or black, your skin and race are not important. If you're aware of the corruption, expose it now, in the name of Anti-Security.
Top priority is to steal and leak any classified government information, including email spools and documentation. Prime targets are banks and other high-ranking establishments. If they try to censor our progress, we will obliterate the censor with cannonfire anointed with lizard blood.
It's now or never. Come aboard, we're expecting you...
History begins today.
Lulz Security
This is not going to end well. Or perhaps it will end well. Could this movement help change the world for the better? With the growing worldwide discontent against the political and financial establishment—in my home country and all through Europe people are organizing to fight corrupted politicians and their greedy fat owners—I wonder if this may very well be the beginning of our May 1968. That was the time when the young French generations stood up against the government to demand a much needed change.
Opening the vaults of dark secrets and exposing corruption everywhere would certainly help towards that goal: Real change. Perhaps this is just the beginning of a quiet and angry revolution that will make the world a better place. Maybe making that information public will be instrumental to wake everyone up.
That said, exposing emails and private information from normal people or sinking ships that are neutral in this battle will not help towards that cause. That's not good and will not help anyone but those who they declare their enemies.
But uncovering the wrongdoings of states and economical institutions? I'm all for it.
http://gizmodo.com/5813560/lulzsec-and-anonymous-declare-open-war-against-all-governments-and-fat-cats
Pakistani hacker claims HP systems attack
HexCoder claims to have broken into HP FTP server and accessed 9GB of data; HP says its probing the claim
Computerworld - Hewlett-Packard Co. has become the latest to add its name to the rapidly growing list of high-profile corporate hacking victims.
The Hacker News, an online news site, this morning reported that Pakistani hacker HexCoder claims to have penetrated an HP FTP server and accessed about 9 GB of data.
A HP spokesman this afternoon said that the trying to verify the hacker's claims. He added that the data alleged to have been compromised is in the Japanese language. The company is working with its Japan operation to find out what might have happened.
"There's a high likelihood that this is stuff that is publicly available," the spokesman added.
Data breaches
THN posted several screen shots of the data HexCoder claims to have accessed from the HP system.
It's unclear from the screen shots whether any personal or financial data was compromised in the alleged attack.
The names of some of the exposed files suggest that some information might have been publicly available, as HP claimed. For instance, several of the allegedly exposed files appear to be newsletters from 2003 and 2004.
Some of the filenames that are visible in the screenshots suggest that data on the Japanese versions of HP's Linux, ProLiant storage systems may have been compromised.
The news site quotes the hacker as saying: "I have done this by getting access to FTP successfully. All this by just mere stupidity! Oh and I will not share their database because its too big (9 GB)."
In an email to Computeworld, THN editor Mohit Kumar said the screenshots made available to THN show that the hacker has permissions to 777 files on the compromised system. "That means he [may have] root access, almost in FTP," Kumar said.
The screenshots made available by HexCoder suggests that information on various HP software products, tools and drivers has been copied, Kumar said. One of the exposed folders appears to contain delivery reports on various HP products. Another contains various news media files and newsletter items, he said.
The alleged attack on HP lengthens the growing list of organizations that have been recently hacked in similar fashion. Other recent victims include:
Bulleted list code:
* RSA;
* Sony;
* Oakridge National Laboratories;
* Lockheed Martin;
* the International Monetary Fund; and
* the CIA.
In some cases, such as the attacks on RSA, Lockheed and Oakridge, the motive appears to be espionage and IP theft. But most of the other recent attacks appear aimed at embarrassing organizations.
In some cases, the attacks have followed recent news events.
The attacks on the IMF for instance, came just weeks after ex-IMF chief Dominique Strauss-Kahn was arrested on sexual abuse charges. The HP attacks come just days after the company announced an executive realignment.
What has been especially discomfiting for many of the victims is the fact that the breaks-in often have resulted from embarrassingly low-tech methods that showed fundamental security lapses.
RSA ramps up production in March
RSA has basically said that their tokens are still good. Then why did they ramp up production in March to over 5 million a month? Just wondering...
Long Wait for RSA Security Tokens
Computer security firm RSA says it is only offering to replace about a third of its SecurID tokens, amid indications it could take months to swap them out for its entire user base.
The comments clarify steps the firm is taking following a pair of high-profile hacking incidents that involved the theft of information related to the SecurIDs and an attack on RSA customer Lockheed Martin Corp.
While the EMC Corp. unit sorts out logistics, its more than 25,000 customers face long waits and some difficult choices in figuring out how to protect their systems in the wake of the security breach.
"It is a pretty huge breach because it affects so many people that were relying on its technology," said Chris Wysopal, chief technology officer of security consultant Veracode, which itself uses RSA tokens. "It puts all of their customers at significant risk."
In a June 6 interview, RSA Chairman Arthur W. Coviello Jr. said the company offered to provide security monitoring or replace the SecurID tokens "for virtually every customer we have."
Customers took that to mean that RSA was offering to replace all of the physical tokens free. RSA, however, said at the time that its offer to replace tokens was only for customers protecting intellectual property. It now says those clients, while accounting for the bulk of its customers, represent about one-third of its active token base.
The other two-thirds of RSA's token base—mainly banks that do business with consumers— have only been offered transaction and authentication monitoring services. RSA also says it is working with all of its customers on a case-by-case basis.
Addressing even that limited set of the company's 30 million to 40 million active tokens could take months. After RSA discovered the breach in March, the company ramped up token production to 5 million a month, compared with about 800,000 tokens a month prior to the attack, a person familiar with the matter said.
That means it could take at least six to eight months to replace all of the tokens, and at least two months to replace a third of them. The manufacturing bottleneck could be even greater given RSA tokens typically expire after three years and must be replaced.
"They actually have to manufacture these tokens, and the lag time could be months," said Mark Shapiro, senior strategist in the identity solutions group of Verizon Business, a unit of Verizon Communications Inc. RSA said it would be able to meet customer demand.
Verizon, a major reseller of RSA tokens to businesses and also a seller of its own authentication tools, says some of its customers are now weighing the costs of replacing their tokens against ditching RSA in favor of other services.
"This has really pushed people that were already considering doing this into another realm, because now they're concerned with the security aspect of continuing with RSA," Mr. Shapiro said of customers who were contemplating a switch from RSA.
Chris Fedde, chief executive at RSA rival SafeNet Inc., said inquiries have perked up since the breach. "Because we service large enterprises and governments, what we're seeing so far is a lot of interest," he said.
SafeNet is starting a program to allow U.S. federal government and defense contractors to swap out their RSA tokens for free SafeNet tokens.
One large bank customer—which has about 1,000 tokens for employees and several million for customers—plans to replace only the SecurIDs used by employees with access to critical data. An executive said the company plans to replace the other tokens when they come up for renewal and rely on additional security measures from RSA, such as transaction monitoring.
An executive at a large U.S. health-care company said the organization is taking up RSA on its offer to replace all of its 100,000 tokens. But since RSA isn't offering to pay for distribution costs, the company is going to expand the number of those tokens that are software based, meaning they use applications installed on PCs and smartphones. Only 25% of the replacement tokens will be hardware based, much fewer than the current crop.
Software tokens can be distributed quickly, in about two days, while hardware tokens can take weeks to replace, the person said. Other customers said they are declining the software-based tokens due to concerns they offer a lower level of security. A March 28 advisory on the RSA breach distributed by the National Security Agency warned of the risks of using soft tokens on smartphones, since all of the authentication information is stored on the device.
http://online.wsj.com/article/SB10001424052702303499204576390000478414400.html?mod=googlenews_wsj
Lulzsec leaks 62,000 email/password combo internet goodie bag
Fresh off their face-kicking of the CIA's website, LulzSec just decided to go with something a little less political: a 60k+ set of login info for... they won't say. But they're encouraging everyone to try 'em out across the web.
So far, eager downloaders have been retweeting claimed prizes of pilfered WoW, PayPal, porn, and Gmail accounts. Lulz hasn't said where they got the data, or what it's good for—instead, they're just encouraging their retinue to "Be creative instead of being a potato. Try PayPal combinations, twitter, Facebook, eBay, Runescape. Pick a target from the list."
It's an exciting day for the group and their fans. Unless your PayPal account just got jacked, in which case you are probably feeling lulz-deficient at the moment. I think it may be safe to say that LulzSec has officially supplanted Anon as the preeminent internet force of thunderous chaos for the time being.
LulzSec Hacker Group Claims Attack On US Senate Website
SAN FRANCISCO (Dow Jones)--A hacker group that has claimed attacks on media and law enforcement affiliates extended its month-long cyber rampage on Monday, boasting that it had cracked the U.S. Senate's website.
On Monday, the group--known as Lulz Security--posted a configuration file for the Senate's main website on its homepage. The material in the file doesn't suggest sensitive information was breached, but it does indicate Lulz Security infiltrated the Senate's network.
"This is a small, just-for-kicks release of some internal data from Senate.gov," Lulz Security said in its release. "Is this an act of war, gentlemen?"
The group appeared to be referencing a recent Wall Street Journal article that reported the Pentagon considered some forms of computer sabotage constituted warfare.
A Senate representative said she was unaware of any breach of the body's web site.
The intrusion is part of a spree of hacks by the group, which has targeted Japanese media-and-technology giant Sony Corp. (SNE, 6758.TO), the Atlanta chapter of Federal Bureau of Investigation affiliate InfraGard and U.S. public broadcaster PBS.
Also on Monday, LulzSec, as the group sometimes refers to itself, said it had broken into a website run by Bethesda Softworks LLC., which makes horror and fantasy games.
Bethesda acknowledged its network had been breached but said that no personal financial information or credit card data had been stolen.
"The hackers may have gained access to some user names, email addresses, and/or passwords," the company said. "As a precaution, we recommend that all our fans immediately change passwords on all our sites."
http://online.wsj.com/article/BT-CO-20110613-710201.html
LulzSec claims NHS hack
The Department of Health has confirmed that it received an email from the hacking group warning that admin passwords had been stolen
Lulz Security, the hacking group that has dominated IT security headlines in recent weeks with numerous attacks on high profile targets, has claimed that the NHS is its latest victim.
Interesting Links
Cyber defense group confirms website hack Lulz Security claims responsibility for hacking InfraGard, an FBI affiliate that co-ordinates information sharing to fight cyber crime
Hackers claim theft of 1m passwords from Sony Stealing unencrypted, plain text password file was "just a matter of taking it", says hacker group LulzSec
The hacking group made the claim on Twitter, saying it had stolen sensitive information including admin passwords. It linked to an email warning the NHS about vulnerabilities in its security systems.
"While you aren't considered an enemy – your work is of course brilliant – we did stumble upon several of your admin passwords," the email reads. On the version posted on the Internet, sensitive information has been blacked out.
The Department of Health confirmed that it had received Lulz Security's email, but did not say whether the allegedly stolen passwords were real.
A spokesperson for the Department said that it was a "local issue" and that no damage has been caused.
"No patient information has been compromised. No national NHS information systems have been affected," they said. "The Department has issued guidance to the local NHS about how to protect and secure all their information assets."
In a recent article entitled 'Why we secretly love LulzSec', journalist Patrick Gray praised the group for having highlighted security issues more effectively than the industry. "Security types like LulzSec because they're proving what a mess we're in," he wrote.
http://www.information-age.com/channels/security-and-continuity/news/1629533/lulzsec-claims-nhs-hack.thtml
Phone-hacking scandal widens to include Kate Middleton and Tony Blair
http://www.guardian.co.uk/uk/2011/jun/08/phone-hacking-kate-middleton-tony-blair
Online Businesses Urged by U.S. to Bolster Their Cyber Defenses
By Kelly Riddell - Jun 8, 2011 1:01 PM ET
The U.S. Commerce Department recommended ways for companies with an online presence to bolster their defenses against cyber attacks as part of an Obama administration strategy on Internet security.
Businesses should develop codes of conduct that reduce their vulnerability to computer attacks and identify government incentives that would encourage the adoption of sound security practices, according to a plan released today by the Commerce Department.
None of the proposal’s recommendations is final, and Commerce plans to solicit industry input during the coming months. Titled “Cybersecurity, Innovation and the Internet Economy,” the plan focuses on establishing industry best practices, creating incentives for improving security, increasing training and awareness, and fostering international collaboration.
“Our economy depends on the ability of companies to provide trusted, secure services online,” Commerce Secretary Gary Locke said in a statement. “By increasing the adoption of standards and best practices, we are working with the private sector to promote innovation and business growth, while at the same time better protecting companies and consumers from hackers and cyber theft.”
Today’s proposal is part of a broader effort by President Barack Obama to fight cybercrime. On May 12, the administration sent an outline for cybersecurity legislation to House and Senate lawmakers recommending tighter oversight of critical infrastructure, such as power grids and financial networks.
The Commerce plan focuses on businesses that do not qualify as critical infrastructure such as online retailers and social networking sites.
Recent Attacks
Recent hacker attacks on Sony Corp. (6758), Google Inc. (GOOG) and other corporations have sharpened U.S. government scrutiny of how companies safeguard consumer information and inform consumers about cyber attacks.
In April, Tokyo-based Sony disclosed that its entertainment networks had been targeted by hackers in incidents that exposed account information on 100 million customers and led the company to temporarily close its PlayStation Network. Google said in a June 1 blog post that an attempted hack originating in China targeted Gmail accounts of U.S. government officials, military personnel and journalists.
As the Internet grows, so has the threat of cybersecurity attacks, according to the Commerce Department. The number of Internet malware threats was estimated to have doubled between January 2009 and December 2010, the department said.
In April, the Commerce Department proposed creating a universal online identification system to improve the security of Internet transactions. The effort seeks to combat online fraud, which last year cost U.S. businesses $37 billion, according to Javelin Strategy & Research, a Pleasanton, California-based research group.
http://www.bloomberg.com/news/2011-06-08/online-businesses-urged-by-u-s-to-bolster-their-cyber-defenses.html
Acer Server in Europe Reportedly Breached
Pakastani hacker group claims it accessed personal data on 40,000 people
By Jaikumar Vijayan
June 3, 2011 03:31 PM ET
Computerworld - Hacking group Pakistan Cyber Army on Friday claimed it had broken into an Acer server in Europe and stolen personal data on about 40,000 people.
The group claimed that it also stole several pieces of source code that were stored on the compromised computer.
News of the breach was first reported today by The Hacker News (THN), which published screenshots showing samples of the allegedly compromised data, including names, email addresses, phone numbers and other information stored on the server.
THN said the Pakistan Cyber Army (PCA) contacted it earlier today to inform it of the attack on the Acer system and the theft of personal data.
Lisa Emard, director of media relations for Acer America, said the company's U.S. operations have no information on the breach. The company is trying to get a response to the PCA claims from its European officials, she added.
The breach comes as Acer, the second-largest manufacturer of laptop computers in the world, faces increased scrutiny of its financial reporting practices.
On Thursday, Acer's stock price tumbled precipitously on the Taiwan stock exchange after an audit uncovered irregularities in the company's inventory and audit receivables information, according to a Bloomberg report.
The findings will result in a one-time $150 million write-off for Acer, Bloomberg said.
A brief statement posted on Acer's U.S. site said that company Chairman and CEO J.T. Wang would take responsibility for the charge "by relinquishing total remuneration from his position as director of the company board, as well as employee bonus of 2010."
It's unclear if the hacking attack had anything to do with the company's financial woes.
Acer is just one of several large companies that have been compromised recently. Others in the news as a result of similar break-ins just this past week include Lockheed Martin, L-3 Communications and Sony.
http://www.computerworld.com/s/article/9217295/Acer_server_in_Europe_reportedly_breached
Sandy Bridge, TPM and consumer
What has happened here? Is Google going to be another Sandy Bridge? I guess I'm not seeing what the big deal is if you look at Sandy Bridge and what impact it has had on Wave.
Iran linked to attack, fraudulent SSL certs, targeting Google, Skype, Yahoo
http://blogs.computerworld.com/18021/iran_linked_to_attack_fraudulent_ssl_certs_targeting_google_skype_yahoo
Hacker takes off with TripAdvisor's customer email database
http://www.securecomputing.net.au/News/252313,hacker-takes-off-with-tripadvisors-customer-email-database.aspx
Does RSA SecurID have a U.S Gov't-Authorized Back Door?
http://www.cio.com/article/677924/Does_RSA_SecurID_have_a_U.S_Gov_t_Authorized_Back_Door_
Morgan Stanley Hacked in China-Based Attacks That hit Google
I bet a lot of companies wished they had Wave.
http://www.bloomberg.com/news/2011-02-28/morgan-stanley-network-hacked-in-same-china-based-attacks-that-hit-google.html
Thanks and good point Barge...
I think there was some good information in Tsunami's post a little bit ago. It seems that Vpro is pointing to encrypted hard drives and I'll take 7.50 over .95. Thanks Barge.
HP bundling...Doesn't look like it.
Hacker Targets eHarmony, Accesses User Screen Names, Passwords
http://www.switched.com/2011/02/11/eharmony-hacked-screen-names-passwords-vulnerable/
Intel Core Processors to Get Strong Authentication
http://www.cio.com/article/663338/Intel_Core_Processors_to_Get_Strong_Authentication_Security
I would hope that id.wave.com gets moving along....
Wiki Leaks - Assange to appear on 60 minutes Sunday - might be interesting.
Paypal Launches Micropayments-- And They're Coming to Facebook
http://www.businessinsider.com/paypals-new-micropayments-are-coming-to-facebook-2010-10?asid=ad2b6a75
Wave and Dell should be doing something about this I hope anyway:
http://www.informationweek.com/news/hardware/handheld/showArticle.jhtml?articleID=227900059&subSection=All+Stories
October is National Cybersecurity Awareness Month
http://www.networkworld.com/community/node/66961
ot-Warning: Fake LinkedIn Spam Can Steal Your Bank Passwords
I still wonder why id.wave.com is not being marketed in some way by one of the 'big guys' What is Wave waiting for?????????????
http://www.pcworld.com/article/206372/warning_fake_linkedin_spam_can_steal_your_bank_passwords.html
Data Connector conference oct. 7 & 14
No TPM mention- Sheeeeez
And just check out where the guy has worked.
http://www.computerworld.com/s/article/9187319/Managing_the_cloud_s_security_risks?taxonomyId=17&pageNumber=2
Anthem Blue Cross is sued over data security breach
Insurance applicant Patrick Magorien seeks class action status on behalf of consumers whose personal data were compromised
http://articles.latimes.com/2010/sep/17/business/la-fi-anthem-20100918
Raytheon unveils cybersecurity product...
http://www.upi.com/Business_News/Security-Industry/2010/09/17/Raytheon-unveils-cybersecurity-product/UPI-15531284735793/
U.S cyber-security strategy yet to solidify-
http://www.washingtonpost.com/wp-dyn/content/article/2010/09/16/AR2010091606745.html
Question for the board: Wouldn't PWC be able to roll this technology out faster if they used ERAS? Seems like a year is a long time.
'Here you Have' Virus Shows Security Weakness...
I wonder how the self healing laptops might help this:) I'm assuming it would take care of this.
http://www.pcworld.com/businesscenter/article/205228/here_you_have_virus_shows_security_weakness.html?tk=hp_pop