Latest Hacking and intrusion prevention News

The Return of Ransomware and Do-it-Yourself Botnets
posted on 02/09/2010

According to Fortinet's August 2010 Threat Landscape report, ransomware variant TotalSecurity has made its biggest comeback since March. Ransomware is malware that locks out applications and data from a user’s PC and then demands ransom for restored access, and TotalSecurity loader (W32/FakeAlert.LU) was the no. 1 malware detected this month by Fortinet’s FortiGuard Labs. “One indicator we observed this month was that the Ransomware application had gone server-side polymorphic, which means that the loader will connect to a single server and request a single file, but the code changes on an hourly basis in order to avoid detection,” said Derek Manky, project manager, cyber security and threat research, Fortinet. “This is a technique typically seen with botnets, such as Waledac, and has been picked up by the developers of TotalSecurity. This is another example of how relying purely on antivirus is not a silver-bullet approach to protecting systems from infection.” In addition to ransomw... [more]

Mykonos security appliance stops IT security attacks before the damage is done
posted on 13/08/2010

Early detection of an attack is important because it saves IT security department’s significant time and money because the cheapest attack is the one that is never completed and requires no response. Mykonos Software have announced a new release of their flagship product, the Mykonos Security Appliance, aimed at preventing Web application abuse. Targeted at organizations with significant web properties such as e-commerce sites, SaaS providers, and consumer on-line services, the Mykonos Security Appliance prevents malicious automation abuse, data theft and fraudulent transactions from occurring through vulnerabilities in Web applications. The Mykonos Security Appliance helps companies prevent their Web applications from being asked to perform tasks they were never intended to perform. The product as has three key features. First, it helps organizations gain real-time detection of Web application introspection before the damage is done. Second, it allows companies to respond to introspe... [more]

Majority considers state-sponsored cyber-espionage acceptable
posted on 06/08/2010

Sophos' recent 2010 Security Threat Report uncovers some alarming attitudes towards international cyber-espionage. Respondents were asked questions including whether they thought spying via hacking or malware attacks is an acceptable practice and if the computer networks of private companies in other countries are legitimate targets. Some of the key findings of the survey indicate a relaxed attitude to state-sponsored cybercrime: * 63% of those polled believe that it is acceptable for their country to spy on other nations by hacking or installing malware (23% said yes at any time. 40% said only during wartime, 37% said no) * A staggering 1 in 14 respondents believe that crippling denial of service attacks against another country's communication or financial websites are acceptable during peacetime (49% said only in wartime, 44% said never) * 32% believe that countries should be allowed to plant malware and hack into private foreign companies in order to spy for economic adva... [more]

Hack the Lab workshop explains how to prevent hackers accessing the company network
posted on 04/08/2010

Recent studies show that cyber attacks such as computer hacking cost businesses around the world an average of £1.2 million last year, with 75% of businesses polled having experienced some kind of cyber crime in the past 12 months. The Hack the Lab workshop from Network Defence explained businesses how to prevent hackers accessing the company network, protecting sensitive data and safeguarding against malicious content. The workshop showed businesses how to protect their network and data against hackers, avoid damaging data leaks and safeguard systems against malicious content. By adopting a hands-on approach to illustrate the ease with which hackers can breach company networks to gain access to sensitive data or deploy malware or spyware, Network Defence demonstrated how easily unsecured company systems can become compromised, highlighting the importance of using an effective and up-to-date well-managed intrusion prevention system (IPS). As part of the workshop attendees were show... [more]

How do you know your web hosting company is doing is enough to protect your website and business
posted on 04/08/2010

Most people are familiar with email viruses and the need for protecting a personal computer against infection. But what are you doing to ensure the safety and security of your website? Most often, business owners leave this side of things up to their web designers and web hosting company. But how do you know that what they are doing is enough to protect your website and business? Let’s look at a few basic things regarding web hosting security that you need to know about.   What Cyber Criminals Are Doing   Hackers and cyber criminals really don’t have a conscience; they aren't worried that they may be destroying your business or livelihood. Sometimes it is just a game to them to see if they can access and destroy the information held on your website. Other times, they may be after your customer data or business information so they can commit fraud and make online purchases with your customers' credit cards. They do this by planting malicious code into your website. This code can ... [more]

Other Security news and resources