yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
Cloud Expo & Virtualization 2009 East
Smarter Business Solutions Through Dynamic Infrastructure
Smarter Insights: How the CIO Becomes a Hero Again
Windows Azure
Why VDI?
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun's Incubation Platform: Helping Startups Serve the Enterprise
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
Privileged Accounts Remain Most Coveted Target for Cyber-Attackers

Despite repeated warnings, organizations are still failing to lock down the primary target of most cyber-attacks – privileged access points. Cyber-Ark labs analyzed a string of recent, high-profile cyber-attacks, including the malware attack against Saudi oil giant Aramco and the Subway restaurant breach, and concluded that the common denominator of each breach was the exploitation of privileged access points.

Privileged access points have become the primary target for enterprise attacks. Privileged access points consist of privileged and administrative accounts, default and hardcoded passwords, application backdoors, and more. Cyber-attackers continue to breach the corporate perimeter through common means – including phishing attacks, malware infected attachments, social media viruses, and other methods. Once inside, cyber-attackers infiltrate privileged access points to gain access to additional servers, databases and other high value systems.

According to a Gartner Research report1 on advanced persistent threats, protecting against this type of threat requires locking down privileged accounts. The report concluded that “to reduce the impact of social engineering attacks, ensure that end users do not have administrative access; and when IT administrator access is required for system administration, perform these functions on isolated systems that are not used for email or Web browsing.”

Privileged accounts have served as the root cause of some of the most significant breaches in recent months, including:

  • The Flame Virus – Flame, a virus considered the ‘mother of all cyberweapons’, had a sniffer component that scans traffic on an infected computer’s local network, collecting usernames and passwords. From here, attackers were able to hijack administrative accounts and acquire high-level privilege to other computers and network locations.
  • Saudi AramcoThe New York Times recently reported that ‘what is regarded as among the most destructive acts of computer sabotage on a company to date’ was traced to an insider with privileged access to the Saudi state-owned oil company’s computers.
  • Subway Data Breach – In New Hampshire, two men plead guilty to stealing payment information from Subway restaurants and according to the court documents, the men “remotely scanned the Internet to identify POS systems with remote desktop software applications on them. They logged into the systems over the internet and cracked the passwords to gain administrative access.” Once they gained access, they simply installed key logging software to capture data being input.

“For years, the discussion on securing privileged access points focused mostly on the insider threat and ensuring that only the properly credentialed had access to these power accounts. Sophisticated cyber-attackers understand the power and wide ranging access these accounts provide – which is why they continue to be the number one target in the majority of cyber-attacks,” said Adam Bosnian, executive vice president Americas, Cyber-Ark Software. “Unsecured critical access points are a threat to all sensitive corporate data and systems and represent the greatest security challenge most businesses will face. Identifying all privileged access points and locking them down should be a priority for any security and compliance conscious executive.”

Twitter: @CyberArk
Download the Cyber-Ark security survey:

About Cyber-Ark

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, sessions, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Privileged Session Management and Sensitive Information Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments. Cyber-Ark works with more than 1,100 customers, including more than 35 percent of the Fortune 100. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, please visit

Copyright © 2012 Cyber-Ark Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.

1 Best Practices for Mitigating Advanced Persistent Threats, Jan. 2012, p2

About Business Wire
Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Cloud Developer Stories
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment b...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the...
Daniel Jones is CTO of EngineerBetter, helping enterprises deliver value faster. Previously he was an IT consultant, indie video games developer, head of web development in the finance sector, and an award-winning martial artist. Continuous Delivery makes it possible to exploit f...
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of cont...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the l...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)!

Advertise on this site! Contact advertising(at)! 201 802-3021

SYS-CON Featured Whitepapers