Apple admits its developer site was hacked

July 15th, 2013

Apple’s website meant for developers was down for few days, this outrage was due to a hack. Software developers use this website for tools and resources to write software for iPhones, iPads and Macs, it also contains sensitive financial information, which is encrypted.

Attempts were made to access personal information about developers. This data breach incident comes at a time when third-party developers were testing their apps on Apple’s iOS 7.

Apple said that no customer information had been compromised, but was unable to rule out the possibility that some email addresses, mailing addresses and developers’ names may have been accessed. An Apple spokesman said the website which suffered from data breach was not associated with any customer information.

Apple wrote to developers on its website “Sensitive personal information was encrypted and cannot be accessed. However, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and email addresses may have been accessed”.

“This event shows that our private information and our developer account may be leaked, I hope Apple will spend more time and resources on security to protect our private information.” said Cui Tong, a Beijing-based iOS developer.

Apple apologized for the inconvenience that this data breach incident caused for software developers and that it was working “around the clock” to restore the website soon.

“To prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database,” Apple said in a statement.

The membership of the developers, if set to be expired has been extended by Apple and all third-party apps will remain on Apple’s app store.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Apple, Facebook, Twitter hacks said to hail from Eastern Europe

February 21st, 2013

While many security experts have been pointing the blame at China for the recent wave of cyberattacks on U.S. companies and newspapers,Bloomberg reports that some of the malware attacks actually may be coming from Eastern Europe.

Investigators familiar with the matter told Bloomberg they believe a cybercriminal group based in either Russia or Eastern Europe is carrying out the high-level attacks to steal company secrets, research, and intellectual property, which could then be sold on the black market.

Evidence that the attacks may be coming from Eastern Europe is the type of malware being used by the hackers, which is more commonly used by cybercriminals than by government spying. Also, investigators have tracked at least one server being used by the hackers to a Ukrainian hosting company.

Roughly 40 companies have been victims of cyberattacks over the past several months. These companies included tech businesses, such as Apple, Facebook, and Twitter, and newspapers, such as The New York Times, the Wall Street Journal, and the Associated Press.

Apple announced today that hackers targeted computers used by its employees, but that “there was no evidence that any data left Apple.” In a statement, the company said it discovered malware that made use of a vulnerability in the Java plug-in, and that it was sourced from a site for software developers. Apple blocked Java from some of its Macs late last month using its XProtect antimalware tool and citing security vulnerabilities.

A report by The New York Times yesterday claimed that an “overwhelming percentage” of the cyberattacks on U.S. corporations, government agencies, and organizations came from an office building in Shanghai with ties to the People’s Liberation Army. These allegations remain unconfirmed and flatly denied by Chinese authorities.

The hack on The New York Times itself was months long and included the theft of corporate passwords of Times employees, as well as spying on personal computers. The attacks on Facebook, Twitter, and Apple were a bit different in that reportedly only a small number of systems were infected and the hackers got in via the Java vulnerability.

This isn’t the first allegation of cybercriminals operating out of Eastern Europe. Security firm McAfee Labs published a report in December that warned of increasing attacks on U.S. financial institutions from Eastern European hackers. Dubbed Project Blitzkrieg, McAfee said the possible attacks would be done with a highly developed Trojan that could infect victims’ computers, plant software, and allow cybercriminals to steal information and money.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta