Giant DDoS attack lasted for 150 hours
Incapsula announced that they noticed an unusual DDoS attack on its own infrastructure. The attack was aimed at one of their clients, who remain unnamed. Although this type of attack is quite common, the characteristics of the attack are somewhat interesting. Unknown assailants carried out the DDoS attack for a period of 150 hours, and the used over 180,000 different IP addresses.
Adobe source code stolen
Adobe Systems Inc. has announced that on the third of October they became the victim of a cyber attack. According to unofficial reports, it is estimated that the attackers gained access to the internal network of Adobe and stole the source code for a currently unknown number of their software products. Experts assume that the attacker stole the source code of the popular ColdFusion application and the Acrobat series applications.
Yahoo! starts a formal Bug Bounty program
Bug Bounty programs have become a popular way of motivating the public to find vulnerabilities and/or errors in their applications. Large organizations such as Google, Facebook and Mozilla have their own Bug Bounty programs for quite a while now. The amount of the reward depends on the type of bugs or vulnerabilities that are found. The rewards for Yahoo's new Bug Bounty program ranges from $150 to $15.000.
(ISC)2 Congress puts focus on the human side of security
The third annual (ISC) 2 Congress conference began on Sunday 22nd September and will last until this Friday (September 27th). This year, most of the lectures will be focused in order to do more with less. Specifically, the lectures aim to teach employees and end-users to be more secure in their business environment and how to make tough decisions about security in an environment that is rapidly changing.
These and similar topics show how information security must sometimes move away from technical topics and pay attention to the users of the system. Let us recall, the latest definition of information systems include the users of the system. Therefore, information security practices increasingly involve the human factor. More about the (ISC) 2 Congress conference can be found on the portal DarkReading.