It hasn't been smooth sailing for security vendor Kaspersky Labs over the last few years. Back in 2008, the company's Malaysian website was defaced by a Turkish hacker via an SQL injection. In 2009, their U.S. support site was compromised -- again by the use of an SQL injection.
Following the second breach, Kaspersky's Roel Schouwenberg lamented, "This is not good for any company, and especially a company dealing with security." He's sure right about that. It's about as bad as things could get for an anti-malware provider... Right?
Well, almost. There is one possible scenario which is slightly worse: having your legitimate, well-known security site hacked so that it redirects potential downloaders to malicious software instead. And that's exactly what happened this Sunday.
Kaspersky denied the hack at first, but this is the kind of thing that's a little hard to cover up in 2010. Reports sprang up on their own forums and across the Internet, and Kaspersky eventually fessed up. They later offered an official statement:
Identifying the attacker and potential risk to your clients sounds like a good idea. You know what else might be a good idea? Securing your own servers so this doesn't happen again.
photo by flickr user pvera
Powered by WizardRSS | Full Text RSS Feeds
TEXAS INSTRUMENTS TERADATA TELETECH HOLDINGS TECHNITROL TAKETWO INTERACTIVE SOFTWARE
No comments:
Post a Comment