CRN reports that hackers with a possible relationship to the Chinese government attacked 3 large U.S. companies with a malware called Javafog. This malware installs backdoors via a vulnerability in Oracle Java and flaws in Microsoft Office. But why to attack them directly, when one can use service providers?
RSA is in trouble – so much, that they responded to the accusation of enabling backdoors for the NSA on a Sunday. They deny having closed a “secret contract” with the NSA. Furthermore they admit, that RSA “worked with the NSA, both as a vendor and an active member of the security community.” And RSA claims that their “explicit goal has always been to strengthen commercial and government security.”
Now it’s on you to decide who is more trustworthy: Edward Snowden with his leaked NSA documents or RSA…
Computerwoche, a German IT newspaper, reports on the reactions of German CIOs to the NSA scandal. Some of them stated, the have not paid enough attention to the issue of surveillance, even knowing that it was taking place. One confessed, that they have been “naïve” regarding the dimension of data sniffing by the NSA.