Latest Internet and Web security News

Bloxx Web filtering provides safe and secure Internet access while increasing productivity at cashmere manufacturer
posted on 14/12/2010

Johnstons of Elgin, a leading manufacturers of quality cashmere garments, is using Bloxx Web filtering to dynamically manage and report on the Web browsing activity of over 300 employees. Now their staff has safe and secure access to business-related Web sites but are blocked from productivity draining non-business Web content such as gaming and blogging sites. Kevin Di Sotto, IT Business Administrator at the company explains, “We realised that we didn’t have any control or visibility into what Web sites our staff were accessing during working hours and with the increasing use of the Internet within the company, we were concerned that this could have a significant impact on staff productivity. Additionally we were concerned that staff could accidently view inappropriate content that could expose the company to legal risk and liability.” Bloxx Web filtering, powered by the patent-applied for Tru-View Technology real-time categorisation engine, is monitoring and reporting on all Web a... [more]

The legal risks of joining a botnet which is participating in DDoS attacks
posted on 14/12/2010

In a distributed denial-of-service (DDoS) attack, malicious hackers can commandeer thousands of computers around the world, and order them to deluge a website with traffic - effectively clogging it up, preventing others from reaching the site, and bringing the website to its knees. DDoS attacks are the equivalent of "15 fat men trying to get through a revolving door at the same time" - nothing can move. In recent days a number of websites have been struck by DDoS attacks, seemingly co-ordinated by supporters of WikiLeaks against firms and websites who they feel have turned their back on the controversial whistle-blowing website. Most recently, internet users have been urged to voluntarily join a botnet, by downloading a DDoS attack tool called LOIC (the name stands for Low Orbit Ion Cannon). My advice to you is to stay well away. Not only would you be foolish to run code on your computer which allows unknown parties to launch attacks against websites at a whim, but you should also ... [more]

IT administrators expect to lose more than 20 percent of their company's network bandwidth from employees' Christmas shopping on the job
posted on 13/12/2010

A recently published report from the Interactive Media in Retail Group (IMRG) claimed that total online spending in the UK for November and December is anticipated to be £12.4bn, a significant increase on 2009, as the UK ecommerce industry continues to go from strength to strength. According to Ipswitch Inc.'s survey of some of its 80,000 customers, over 50 percent of IT administrators expect to lose more than 20 percent of their company's essential network bandwidth from employees shopping on the job. This follows the warning it made in July that global networks hit 95% capacity during key games in this year’s Fifa World Cup. A recent poll conducted by Ipswitch asked IT administrators how much network bandwidth they anticipated their company to lose from online shopping. Of those polled, one-third of respondents expected to lose more than 30 percent of its network bandwidth. Conversely, 28.5 percent, the next largest group, expected to lose less than 10 percent of their network resou... [more]

Fraudsters utilise botnet Zeus to target major retailers for christmas
posted on 13/12/2010

Merchants and card issuers invest a great deal in backend technologies for detecting fraudulent transactions. These systems represent an important security layer, however the increase in malware and phishing attacks that specifically target card information is making them less effective. An additional layer that can prevent card information from being stolen in the first place is now required. CNP fraud refers to transactions when a credit card is not physically present, as in an internet, mail or phone purchase. It is difficult for a merchant to verify that the actual cardholder is indeed authorizing the purchase. Because of the greater risk, card issuers tend to charge merchants higher fees for CNP transactions. To make matters worse, merchants are typically responsible for CNP fraud transactions. Therefore, CNP merchants must take extra precaution against fraud exposure and associated losses. Trusteer's research group recently discovered a Zeus botnet that is targeting credit car... [more]

University of Nottingham thwarts cyber attacks with LogRhythm
posted on 10/12/2010

As we have seen this week with hackivists taking down these sites in support of arrested Wikileaks’ founder Julian Assange, it is clear that any organisation – regardless of how much it spends on IT security – can fall victim to a security breach and a distributed denial of service (DDoS) attacks. However, one organisation that has successfully worked out how to thwart such attacks is the University of Nottingham, which has recently implemented log management and security information and event management (SIEM) solutions from LogRhythm in order to gain more insight into activity across its IT infrastructure. This system monitors millions of logs each day and, just days after the installation was completed, identified and blocked a DoS attack against the University’s network. “One of the first benefits we received post implementation involved our being able to spot a denial of service attack targeting the internet gateway,” said Paul Kennedy, security and compliance leader at the Univ... [more]

Other Security news and resources