Latest Hacking and intrusion prevention News

Third parties introduce many deficiencies exploited by attackers
posted on 08/02/2010

According to Trustwave's 2010 Global Security Report, the most notable trend of 2009 was the continued existence of attack vectors despite the security industry’s awareness of the associated vulnerabilities for a decade or more. Organizations large and small were found to be moving forward with plans to implement new technology, while leaving basic security threats overlooked in legacy environments and IT systems. The report analyzes data gathered from nearly 1900 penetration tests and more than 200 security incident and compromise investigations throughout 2009 and provides a business and technical impact analysis. The report was compiled by SpiderLabs, the advanced security team at Trustwave responsible for incident response and forensics, penetration testing, application security and security research. A recent article in USA Today agrees with these findings, stating, “The vast majority of organizations routinely fail to take simple defensive measures, such as shoring up common we... [more]

Size doesn't matter when it comes to maintaining business continuity
posted on 05/02/2010

It's not a matter of if, but when. You might think that as a small business owner, your company is not a target for malicious hackers or attacks, but this couldn't be farther from the truth. Size doesn't matter when it comes to maintaining business continuity in light of security threats - both natural and manmade - anyone and everyone is susceptible. Think about what kind of information you could lose from various business security threats - years worth of tax records, confidential employee information including Social Security numbers, signed customer contracts and customer contact records, just to start. When an eight person law firm in Miami was hit by Hurricane Ike in 2008, it was forced to close its doors after a decade of being in business. Everything they had was destroyed and irretrievable. Although this was a natural disaster, the business owner could have taken some relatively easy and cost effective precautions to ensure his business was safe from common small business secur... [more]

Imperva reveals the most commonly used passwords
posted on 22/01/2010

The most commonly used passwords have been revealed: 1. 123456 2. 12345 3. 123456789 4. Password 5. iloveyou 6. princess 7. rockyou 8. 1234567 9. 12345678 10. abc123 This list comes from the Imperva study, analyzing 32 million passwords recently exposed in the Rockyou.com breach. Imperva’s Application Defense Center (ADC) analyzed the strength of the passwords in a report 'Consumer Password Worst Practices', to help consumers and website administrators identify the most commonly used passwords they should avoid when using social networking or e-commerce sites. “Everyone needs to understand what the combination of poor passwords means in today’s world of automated cyber attacks: with only minimal effort, a hacker can gain access to one new account every second—or 1000 accounts every 17 minutes,” explained Imperva’s CTO Amichai Shulman. “The data provides a unique glimpse into the way that users select passwords and an oppo... [more]

Surf safe and do not browse without protection
posted on 19/01/2010

Nobody wants to be an innocent bystander; we avoid high risk areas where problems are likely to break out. The risk averse amongst us avoids areas that pose even a modicum of risk. You are unlikely to find me trawling a battle ground even for the most precious of loot. So it was with horror that I learnt as a teenager that lightning could come down a telephone line and kill you. More precisely kill me! I could become an innocent bystander in my own home. I was not safe inside all that brick and mortar. The first thing that came to mind was: “What are the chances of that?” closely follow by, “I live in a lightning prone area” and “I need the phone to communicate.” This was the choice of communication methods before the ubiquitous mobile phone and the pervasive Internet. So I ran to my mother and demanded that we get lightning surge protectors as fast as humanly possible. How could I survive without a telephone, I was a teenager. On the Internet computers are to homes as browsers a... [more]

Cyber-Criminals Target School Districts
posted on 13/01/2010

According to Comodo, local school districts across the United States have emerged as a prime target for cyber-criminals. In the fall of 2009, districts in Colorado, Illinois, Oklahoma and Pennsylvania all reported thefts of tens of thousands of dollars each due to a cyber-crime wave. The threat continues: on January 5, 2010, the Duanesburg, New York Central School District disclosed an attempted theft of $3.8 million, about a quarter of the district's operating budget. These crimes have been driven by malicious software infecting central office PC's containing the district's electronic banking details. These details were subsequently used by cyber-criminals to access the district's online bank account and illegally transfer money out of the account to money-mules, who subsequently transfer the funds to the criminal ringleaders. Comodo CEO Melih Abdulhayoglu commented on this threat in a video blog post entitled Schools Hacked: Students and Taxpayers Lose, where he points out the soft-... [more]

Other Security news and resources