The stolen credentials belong to companies from around the world and include more than 2500 North American companies, some of which are the world’s top 100 domains, according to security company Finjan. The ISP hosting the db has been notified but they still have not removed it. Companies that want to find out if their servers are in the list uncovered by Finjan can contact the company. Meanwhile, companies concerned that their servers have been compromised need to change their FTP usernames and passwords if they haven’t already done so as part of their regular routines, Ben-Itzhak said.
Ready to actually get the RMF/ISSO job?
Go from reading about the Risk Management Framework to doing it — with the full video course, the books, and a community of GRC professionals taught by Bruce Brown (CISSP, CGRC).
Get the RMF ISSO Foundations course → Browse the RMF & GRC books Join the free GRC community
Leave a Reply