yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News

2008 West
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
Red Hat
The Opening of Virtualization
User Environment Management – The Third Layer of the Desktop
Cloud Computing for Business Agility
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Return on Assests: Bringing Visibility to your SOA Strategy
Managing Hybrid Endpoint Environments
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
How Can AJAX Improve Homeland Security?
Beyond Widgets: What a RIA Platform Should Offer
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
Top Links You Must Click On

Privileged Accounts Remain Most Coveted Target for Cyber-Attackers

Despite repeated warnings, organizations are still failing to lock down the primary target of most cyber-attacks – privileged access points. Cyber-Ark labs analyzed a string of recent, high-profile cyber-attacks, including the malware attack against Saudi oil giant Aramco and the Subway restaurant breach, and concluded that the common denominator of each breach was the exploitation of privileged access points.

Privileged access points have become the primary target for enterprise attacks. Privileged access points consist of privileged and administrative accounts, default and hardcoded passwords, application backdoors, and more. Cyber-attackers continue to breach the corporate perimeter through common means – including phishing attacks, malware infected attachments, social media viruses, and other methods. Once inside, cyber-attackers infiltrate privileged access points to gain access to additional servers, databases and other high value systems.

According to a Gartner Research report1 on advanced persistent threats, protecting against this type of threat requires locking down privileged accounts. The report concluded that “to reduce the impact of social engineering attacks, ensure that end users do not have administrative access; and when IT administrator access is required for system administration, perform these functions on isolated systems that are not used for email or Web browsing.”

Privileged accounts have served as the root cause of some of the most significant breaches in recent months, including:

  • The Flame Virus – Flame, a virus considered the ‘mother of all cyberweapons’, had a sniffer component that scans traffic on an infected computer’s local network, collecting usernames and passwords. From here, attackers were able to hijack administrative accounts and acquire high-level privilege to other computers and network locations.
  • Saudi AramcoThe New York Times recently reported that ‘what is regarded as among the most destructive acts of computer sabotage on a company to date’ was traced to an insider with privileged access to the Saudi state-owned oil company’s computers.
  • Subway Data Breach – In New Hampshire, two men plead guilty to stealing payment information from Subway restaurants and according to the court documents, the men “remotely scanned the Internet to identify POS systems with remote desktop software applications on them. They logged into the systems over the internet and cracked the passwords to gain administrative access.” Once they gained access, they simply installed key logging software to capture data being input.

“For years, the discussion on securing privileged access points focused mostly on the insider threat and ensuring that only the properly credentialed had access to these power accounts. Sophisticated cyber-attackers understand the power and wide ranging access these accounts provide – which is why they continue to be the number one target in the majority of cyber-attacks,” said Adam Bosnian, executive vice president Americas, Cyber-Ark Software. “Unsecured critical access points are a threat to all sensitive corporate data and systems and represent the greatest security challenge most businesses will face. Identifying all privileged access points and locking them down should be a priority for any security and compliance conscious executive.”

Twitter: @CyberArk
Download the Cyber-Ark security survey:

About Cyber-Ark

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, sessions, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Privileged Session Management and Sensitive Information Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments. Cyber-Ark works with more than 1,100 customers, including more than 35 percent of the Fortune 100. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, please visit

Copyright © 2012 Cyber-Ark Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.

1 Best Practices for Mitigating Advanced Persistent Threats, Jan. 2012, p2

About Business Wire
Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Enterprise Open Source Magazine Latest Stories . . .
Developers generally like to share their code, and many of them do so by open sourcing it on GitHub, a social code hosting and collaboration service. Many companies also use GitHub as a convenient place to host both private and public code repositories by creating GitHub organizations ...
Test-driven development (TDD) has been around for a while now. Behavior-driven development (BDD), a comparably recent methodology, emerged from the practice of TDD and could reasonably be called a narrower application of TDD. The TDD process allows a developer to use a failing unit t...
It is no surprise that OpenStack has evolved into a widely adopted cloud management framework. As it hurtles on a trajectory of rapid growth, a new breed of demands are making themselves felt – demands that a mature platform of this nature and scope must satisfy. One such requirement i...
The combined notions of open source and the ‘community contribution’ model of collaborative software application development are, of course, not new. The history of open source is actually traced back to early software exchanges between universities driven by academic principles of kn...
Using any programming framework to the fullest extent possible first requires an understanding of advanced software architecture concepts. While writing a little client-side JavaScript does not necessarily require as much consideration when designing a scalable software architecture, t...
Cloud computing delivers on-demand IT resources that provide businesses flexibility. The challenge is the cost and complexity of cloud security compliance (PCI, HIPAA, FFIEC). Raxak Protect automated cloud security enables cloud apps to be deployed quickly and cost-effectively. Get the...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)!

Advertise on this site! Contact advertising(at)! 201 802-3021

SYS-CON Featured Whitepapers