Latest Hacking and intrusion prevention News

Cyber-Criminals Target School Districts
posted on 13/01/2010

According to Comodo, local school districts across the United States have emerged as a prime target for cyber-criminals. In the fall of 2009, districts in Colorado, Illinois, Oklahoma and Pennsylvania all reported thefts of tens of thousands of dollars each due to a cyber-crime wave. The threat continues: on January 5, 2010, the Duanesburg, New York Central School District disclosed an attempted theft of $3.8 million, about a quarter of the district's operating budget. These crimes have been driven by malicious software infecting central office PC's containing the district's electronic banking details. These details were subsequently used by cyber-criminals to access the district's online bank account and illegally transfer money out of the account to money-mules, who subsequently transfer the funds to the criminal ringleaders. Comodo CEO Melih Abdulhayoglu commented on this threat in a video blog post entitled Schools Hacked: Students and Taxpayers Lose, where he points out the soft-... [more]

Napatech In-line network adapters help to reduce the cost and technical risk associated with development of high-performance IPS
posted on 04/01/2010

High-Performance IPS provides in-line processing of network traffic in real-time and has traditionally required expensive systems based on proprietary hardware platforms. With the transition to 10 Gbps networks, there is increasing emphasis on increasing the performance of Intrusion Prevention Systems (IPS) to keep up with higher data rates. With the introduction of Napatech’s family of In-line network adapters, an alternative approach based on standard off-the-shelf server hardware was made possible. This approach can help to reduce the time, cost and technical risk associated with development of high-performance IPS. Napatech’s In-line adapters provide multi-port 1 Gbps and 10 Gbps packet reception and transmission at full line-rate. Based on PCI-Express, the network adapters can be deployed in standard x86 servers to provide a powerful, full throughput platform for high-performance IPS solutions. “We have seen a lot of traction with IPS system vendors interested in improving t... [more]

Shift from attacks via websites and applications towards attacks originating from file sharing networks
posted on 16/12/2009

2009 was dominated by sophisticated malicious programs with rootkit functionality, the Kido worm (also known as Conficker), web attacks and botnets, SMS fraud and attacks on social networks. So what can we expect from 2010? According to Kaspersky Lab, in the coming year there will be a shift in the types of attacks on users: from attacks via websites and applications towards attacks originating from file sharing networks. Already in 2009 a series of mass malware epidemics have been “supported” by malicious files that are spread via torrent portals. This method has been used to spread notorious threats such as TDSS and Virut as well as the first backdoor for Mac OS X. In 2010, Kaspersky Lab expects to see a significant increase in these types of incidents on P2P networks. Cybercriminals will continue to compete for traffic. The modern Cybercriminal world is making more and more of an effort to legalise itself and there are lots of ways to earn money online using the huge amount of traf... [more]

Make sure employee online Christmas shopping doesn’t become a business security issue
posted on 14/12/2009

This Christmas, with online sales expected to reach £5 billion, perhaps shoppers can learn a few lessons from the Ghosts of the Charles Dickens classic, A Christmas Carol. As the Christmas shopping season gets underway, most Internet users won’t benefit from a visit from the Ghost of Christmas Past to warn them of the dangers of online shopping – a perennial target of cybercriminals attempting to steal confidential financial and personal information from unsuspecting shoppers. For those same online shoppers, a visit from the Ghost of Christmas Present would be sure to bring surprises. Two-thirds of all known web malware was discovered in 2008 alone, and that growth has continued unabated in 2009. The first half of 2009 saw a whopping 585% increase in phishing scams that targeted more than 300 recognised brands. Now, hackers are optimising popular search engine results (Zhu Zhu pets anyone?) to trick users into unknowingly downloading malware. Considering that more than half... [more]

Organisations will have to face the Industrialisation of Hacking
posted on 08/12/2009

Imperva has predicted five key security trends to watch for over the next ten years: 1. The Industrialisation of Hacking There is a clear definition of roles within the hacking community developing, forming a supply chain that starkly resembles that of drug cartels: ­ Botnet growers / cultivators whose sole concern is maintaining and increasing botnet communities ­ Attackers who purchase botnets for attacks aimed at extracting sensitive information (or other more specialized tasks) ­ Cyber criminals who acquire sensitive information for the sole purpose of committing fraudulent transactions As with any industrialisation process, automation is the key factor for success. Indeed we see more and more automated tools being used at all stages of the hacking process. Proactive search for potential victims relies today on search engine bots rather than random scanning of the network. Massive attack campaigns rely on zombies sending a predefined set of attack vectors to a list of... [more]

Other Security news and resources