yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
Cloud Expo & Virtualization 2009 East
Smarter Business Solutions Through Dynamic Infrastructure
Smarter Insights: How the CIO Becomes a Hero Again
Windows Azure
Why VDI?
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun's Incubation Platform: Helping Startups Serve the Enterprise
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
Privileged Accounts Remain Most Coveted Target for Cyber-Attackers

Despite repeated warnings, organizations are still failing to lock down the primary target of most cyber-attacks – privileged access points. Cyber-Ark labs analyzed a string of recent, high-profile cyber-attacks, including the malware attack against Saudi oil giant Aramco and the Subway restaurant breach, and concluded that the common denominator of each breach was the exploitation of privileged access points.

Privileged access points have become the primary target for enterprise attacks. Privileged access points consist of privileged and administrative accounts, default and hardcoded passwords, application backdoors, and more. Cyber-attackers continue to breach the corporate perimeter through common means – including phishing attacks, malware infected attachments, social media viruses, and other methods. Once inside, cyber-attackers infiltrate privileged access points to gain access to additional servers, databases and other high value systems.

According to a Gartner Research report1 on advanced persistent threats, protecting against this type of threat requires locking down privileged accounts. The report concluded that “to reduce the impact of social engineering attacks, ensure that end users do not have administrative access; and when IT administrator access is required for system administration, perform these functions on isolated systems that are not used for email or Web browsing.”

Privileged accounts have served as the root cause of some of the most significant breaches in recent months, including:

  • The Flame Virus – Flame, a virus considered the ‘mother of all cyberweapons’, had a sniffer component that scans traffic on an infected computer’s local network, collecting usernames and passwords. From here, attackers were able to hijack administrative accounts and acquire high-level privilege to other computers and network locations.
  • Saudi AramcoThe New York Times recently reported that ‘what is regarded as among the most destructive acts of computer sabotage on a company to date’ was traced to an insider with privileged access to the Saudi state-owned oil company’s computers.
  • Subway Data Breach – In New Hampshire, two men plead guilty to stealing payment information from Subway restaurants and according to the court documents, the men “remotely scanned the Internet to identify POS systems with remote desktop software applications on them. They logged into the systems over the internet and cracked the passwords to gain administrative access.” Once they gained access, they simply installed key logging software to capture data being input.

“For years, the discussion on securing privileged access points focused mostly on the insider threat and ensuring that only the properly credentialed had access to these power accounts. Sophisticated cyber-attackers understand the power and wide ranging access these accounts provide – which is why they continue to be the number one target in the majority of cyber-attacks,” said Adam Bosnian, executive vice president Americas, Cyber-Ark Software. “Unsecured critical access points are a threat to all sensitive corporate data and systems and represent the greatest security challenge most businesses will face. Identifying all privileged access points and locking them down should be a priority for any security and compliance conscious executive.”

Twitter: @CyberArk
Download the Cyber-Ark security survey:

About Cyber-Ark

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, sessions, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Privileged Session Management and Sensitive Information Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments. Cyber-Ark works with more than 1,100 customers, including more than 35 percent of the Fortune 100. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, please visit

Copyright © 2012 Cyber-Ark Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.

1 Best Practices for Mitigating Advanced Persistent Threats, Jan. 2012, p2

About Business Wire
Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Cloud Developer Stories
SYS-CON Events announced today that Interface Masters Technologies, a leader in Network Visibility and Uptime Solutions, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Inter...
As software becomes more and more complex, we, as software developers, have been splitting up our code into smaller and smaller components. This is also true for the environment in which we run our code: going from bare metal, to VMs to the modern-day Cloud Native world of cont...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any ot...
SYS-CON Events announced today that Streamlyzer will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Streamlyzer is a powerful analytics for video streaming service that enables v...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the abo...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)!

Advertise on this site! Contact advertising(at)! 201 802-3021

SYS-CON Featured Whitepapers