Team, Here in find the classic example of why we require Security Compliance Governance audits as equal as that of security review/testing of processes, procedures, applications, networks, etc. More often we security infrastructure by performing lots review/assessment activities before all those being used/implemented. But what is next after that? Apart from regular penetration testing/similar activities, it also important that if end users of such infrastructure are utilizing it correctly by following applicable code of conduct of such organisations. I am sure lots of development/testing organizations around the world has some kind of learning from this case investigated by FBI.
:::Texas Man Pleads Guilty to Hacking into Computer Servers of Local Company and NASA::: In his plea agreement, Parker admitted that from December 23, 2008, through October 15, 2009, he hacked into the computer network of SWReg, Inc., a subsidiary of the cyber-based company Digital River, Inc., of Eden Prairie, Minnesota, in an effort to steal money. SWReg. pays independent software developers who write code. Royalties owed to those developers are accumulated at SWReg. The software developers have the ability to go online, view the royalty balances in their SWReg accounts, and, ultimately, cash out those accounts. When a particular developer cashes out an account, SWReg electronically transfers the money to the developer’s bank account, mails the developer a check, or has the developer’s PayPal account credited. Parker hacked into SWReg’s system, created the money by crediting the SWReg accounts, and then caused that money to be wire transferred to his bank account instead of the accounts of several developers. Parker stole approximately $275,000. For more information: http://minneapolis.fbi.gov/dojpressrel/pressrel11/mp022311.htm Regards Sandeep Thakur -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
