FTP
FTP
FTP or File Transfer Protocol is a commonly used protocol for exchanging files over any network that supports the TCP/IP protocol (such as the Internet or an intranet).
Definitions provided by Wikipedia - The Free Encyclopedia
FTP Related Products
The Inter-Business Vault enables the creation of secure instant wide area networks (WANs) for connecting enterprises with partners, customers and sub-contractors over the Internet - enabling them to exchange information as if they have deployed a shared WAN, but without actually doing so.
More information
The ProxyAV 400 Series is a purpose-built solution designed for quick integration with ProxySG 800 for deployment in medium enterprise or distributed environments. It provides scalable performance with a choice of antivirus engines from Sophos and McAfee.
More information
The Blue Coat AV510 Series is a purpose-built solution designed for simple integration with Blue Coat SG810 and SG510 series solutions for medium enterprise or distributed environments providing scalable performance with a choice of antivirus engines.
More information
The Blue Coat AV810 Series represents the next generation in highend appliance platforms for enterprise Web AV. The AV810 series is a purpose-built appliance designed for scalable, enterprise performance, enterprise manageability, and factory-built integration with the Blue Coat SG
More information
Prevent viruses from spreading through your network by blocking them before they reach the end user. Trend Micro ServerProtect for Microsoft Windows and Novell NetWare scans, detects and removes virus from files and compressed files in real time. ServerProtect delivers 24x7 antivirus support and protection with automatic, incremental virus updates. Centralised management of servers via a Web-based console simplifies network protection.
More information
Intelligent application delivery controller for data center optimisation delivering advanced Layer 4-7 policies, application acceleration services, integrated security and bandwidth management to eliminate traffic surges, server bottlenecks, connectivity disconnects and downtime for ensured business continuity.
More information
FTP Related Industry News
Internet attacks up 28 percent in 2002 The Internet is an increasingly dangerous place for companies with cyberattacks up 28 percent for the first half of 2002 over the last half of 2001, according to a new report released Monday by security services company Riptech.
The Riptech Internet Security Threat Report tracked security data from the firewalls and intrusion detection systems of over 400 companies in over 30 countries from January 1 to June 30. Seventy-four percent of the companies in......
[more] Web pedos crack into corporate servers Web paedophiles are turning to cracking techniques to cover their track, claims the head of the UK's National Hi-Tech Crime Unit (NHTCU). Detective Chief Superintendent Les Hynds warned today of cases where pay-per-view child porn sites on corporate servers after gaining control to victims' servers.
Hynds declined to furnish details, citing operational reasons, but he gave a basic outline of the crime, which he describes as a growing problem.
"Organ......
[more] Sasser, Netsky Work Of Same Hacker After analyzing Netsky.ac and Sasser, Symantec researchers Friday concluded that it was almost certain the worms were written by the same hacker(s).
“The probability that they were written by the same person is very high,” said Alfred Huger, senior director of engineering with Symantec's response team. “And if the same person or group didn't actually write both, they certainly shared [source] code.”
Netsky.ac, which appeared Monday, contained text that......
[more] Trojans rise in the virus war Net users are facing a Trojan wave as hackers seek ways into victims' bank accounts.
The war of the worms may have averted attention to the NetSky's, Bagles and MyDooms, but make no mistake, a recent surge of Trojans has its collective eyes on your bank account and personal information.
'There's no doubt that we are seeing an increase in interest amongst the malware writing community
in Trojan horses and hacking into remote computers. It is more and more commo......
[more] Web Braces for Netsky.V's Attack Worm's latest variant exploits old vulnerabilities and spreads without an attachment. The latest variant of the hugely effective Netsky series of worms is causing trouble by spreading without the use of an attachment. Slipping past many e-mail gateways, it can launch simply by being viewed in an e-mail program.
Rather than attaching the worm's executable code to an e-mail message, Netsky.V uses two separate vulnerabilities in Microsoft software to download th......
[more] Hackers hacked by hacker They know nothing about their own security, plenty about others An alliance of hackers dubbed the Hackers Against America (HAA) has had its website defaced by er a Hacker.
The group, which has its site based deep in the Russian Confederation, boasts that it has links to the Al Qaeda terror group.
According to Zone-H, when news of HAA's association with terror groups got out, it so peaked a Portuguese hacker called Marcos that he wrote to them and gave them a piece......
[more] More emerges about Brazilian hacking hacker A supposed group of international hackers declares digital war against the United States directly from their headquarters in Russia. They call themselves Hackers Against America (HAA) and their purposes are based on stealing classified documents and launching mass virus attacks against government servers. They claimed to have active members from China, Hong Kong, Brazil and Russia and were already planning a massive attack for the next days.
Sounds......
[more] Spammers get fussy as zombie army grows Is your Internet connection actually worth infecting? The Bobax worm tests PCs first to see if they'll be good spam zombies The Bobax worm, which is less than a week old but has already spawned four variants, is one of the first worms to conduct a bandwidth test on its infected host to see if it is worthy of being used as a spam zombie.
Bobax uses a combination of the Windows vulnerabilities exploited by the Sasser worm and the MSBlast worm. Although B......
[more] Spammers fussy over zombie army recruits Is your Internet connection actually worth infecting? The Bobax worm, which has already spawned four variants, tests PCs first to see if they'll be good spam zombies. The Bobax worm, which is less than a week old but has already spawned four variants, is one of the first worms to conduct a bandwidth test on its infected host to see if it is worthy of being used as a spam zombie.
Bobax uses a combination of the Windows vulnerabilities exploited by the......
[more] Hacker group gets dose of own medicine An alliance called Hackers Against America (HAA) has received a dose of its own medicine with its own website having been defaced, according to information at the defacement archive Zone-H.org.
The group had its website hosted by a free provider in Russia. According to Zone-H, it had claimed that new members were rapidly joining up, including one American who had links to the Al Qaeda group.
However, one hacker (for whom Zone-H used the pseudonym M......
[more] Al Qaeda Messages Posted on U.S. Server An Internet computer server operated by an Arkansas government agency was transformed last weekend into the online home of dozens of videos featuring Osama bin Laden, Islamic jihadist anthems and terrorist speeches.
State government officials removed the files from a computer operated by the Arkansas Highway and Transportation Department shortly after they were discovered, a government spokesman said. The case highlights an increasing trend of hackers hi......
[more] Bulk mailer faces criminal charges A bulk e-mailer in Florida has been charged with electronically breaking into a massive data warehouse and stealing gigabytes of personal information on Americans, federal prosecutors said Wednesday. Scott Levine, 45, of Boca Raton was indicted by a federal grand jury in Arkansas for allegedly breaking into Acxiom's servers and downloading 8.2 gigabytes of data in what the U.S. Justice Department called one of "the largest cases of intrusion of personal data t......
[more] PDA Viruses Could Get Nasty Pests could easily run undetected on handhelds and spread quickly online, security expert warns. Viruses that target handhelds can be even more dangerous than their cousins that attack PCs, spawning self-replicating programs that hide easily, a security researcher told an audience of security professionals at the Black Hat Briefings conference here this week.
The first virus aimed at Pocket PC handhelds, revealed last week, could be far worse if it were modified slig......
[more] Microsoft details XP SP2 conflicts Software giant publishes lift of nearly 50 programs that do not work after XP SP 2 is installed Microsoft Corp. has published a list of nearly 50 applications and games that may not work correctly after installing Service Pack 2 (SP2) for Windows XP.
The list, published in a knowledge base article on Microsoft's Web site, includes developer and backup tools, antivirus software and an FTP (file transfer protocol) client. The applications may not work correctly......
[more] Trojan horse exploits image flaw Internet watchers say they've spotted infected images that could implant a back door into a Windows computer if they are viewed. EasyNews, a provider of Usenet newsgroups, said it has identified two JPEG images that take advantage of a previously identified flaw in the way Microsoft software handles graphics files. Windows users could have their computers infected merely by opening one of those Trojan horse images.
The report of the widely expected exploit com......
[more] Aladdin Identifies Potential Mega Virus Related to JPEG Vulnerability Aladdin Knowledge Systems, Ltd. today announced it has identified a potential \'mega virus\' stemming from the recent JPEG vulnerability. Aladdin content security specialists based in Haifa, Israel have pinpointed three scenarios that could lead to a wide-spreading virus affecting organizations around the globe.
Mr. Shimon Gruper, vice president of technologies for the Aladdin eSafe Business Unit, outlines three possible sce......
[more] MS and security: good effort but no cigar Last week I watched the webcast of Bill Gates speaking at the RSA conference in San Francisco. He talked about Microsoft's plans to build upon the progress it's already made in security. These plans included better protection against spyware and spam. Gates also announced Microsoft's intention to release Internet Explorer 7, complete with a number of security improvements, by the end of this year.
Looking back, the company has indeed made notable progr......
[more] The Web, not email, poses the biggest security threat to systems To most companies, the perception is that the biggest threat to their users’ security continues to come from email and Spam. In today’s world, corporate communications systems are totally reliant on giving their employees Web access and email to conduct their business. Take away access to email and the Web for most employees, and they’d claim their productivity would fall. So the focus today of most IT security vendors and corpora......
[more] Will 'Internet security' always be an oxymoron? According to Jonathan Yarden, we've reached a point where it's no longer possible to hide the fact that there's a horrible problem with core Internet security. Is this the point of no return, or is a secure Internet still possible? Jonathan delves into the past to see how we got to this point and shares his thoughts on where to go from here. It's common knowledge that using something you don't understand means incurring a certain degree of risk. S......
[more] Israeli Police Uncover Massive, Trojan Horse-Based Industrial Spy Ring Spyware aided theft of "tens of thousands" of major business documents from Israeli companies. Israeli police have uncovered a massive industrial spy ring that allegedly used Trojan horse software to snoop into some of the country's leading companies.
The case will have major implications for the business community in Israel--and possibly beyond--as all the companies accused of having used the software are themselves leading......
[more] FatPipe Beats Service Disruptions When an accidental fiber-optic cable cut disrupted businesses in greater Boston, Ardais, a clinical genomics company based in Lexington, Mass., lost connection to its service provider for nine hours. That’s when the company decided it had to add a second connection to avoid any further downtime. (For more on Ardais, see Capturing Clinical Information, Bio-IT World October 2003).
Service outages, while sporadic and of varying length, have a great impact on Arda......
[more] Hotel hacking could pump smut into every room Hotel hybrid broadband internet and TV-on-demand entertainment systems are open to attack, security researchers warn. Penetration testing firm SecureTest has identified a number of vulnerabilities in the implementation of hotel broadband systems delivered using Cisco's LRE (long-reach Ethernet) technology. Using a laptop connected to a hotel network, SecureTest found it was possible to control the TV streams sent to each room or gain access to other......
[more] Spoof email tricks AOL users An email scam is targeting AOL customers in an attempt to steal personal details, according to web monitoring company Websense.
Users receive a spoofed email purporting to come from the security department at AOL claiming that the company suffered a security breach over the weekend and that confidential information may have been compromised.
The email also requests users to connect to a website to download and install a new 'security patch', which will 'protect th......
[more] Convicted data thief gets eight years A bulk e-mailer who looted more than a billion records with personal information from a data warehouse has been sentenced to eight years in prison, federal prosecutors said Wednesday. Scott Levine, 46, was sentenced by a federal judge in Little Rock, Ark., after being found guilty of breaking into Acxiom's servers and downloading gigabytes of data in what the U.S. Justice Department calls one of the largest data heists to date. Acxiom, based in Little Rock,......
[more] Look at your network through a hacker's eyes Most administrators know a great deal of information about the networks they secure—that's part of the job. But to really ensure security, you need to look at your network through the eyes of a determined attacker. In this edition of Security Solutions, Mike Mullins tells you how. Hackers want to learn everything they can about your organization's Internet presence, intranet design, and security posture. The first step any serious hacker will take wh......
[more] Smokin'! Firefox 2 beta set to go public The Mozilla Foundation is poised to release a beta version of Firefox 2, the next major version of its web browser.This will be the first beta version of Firefox 2 to be made publicly available, and Mozilla hopes software developers will download it and test whether it is compatible with their existing Firefox extensions.Tristan Nitot, president of Mozilla Europe, explained: "We have over 1,000 extensions already but they may not work with this new......
[more] How the web went world wide In a few short years the web has become so familiar that it is hard to think of life without it. Along with that familiarity with browsers and bookmarks goes a little knowledge about the web's history. Many users know that Sir Tim Berners-Lee developed the web at the Cern physics laboratory near Geneva . But few will know the details of the world wide web's growth - not least because the definitive history of how that happened has yet to be written. Zero to hero One......
[more] SurfControl First to Detect Malicious Application on Fake Skype Web Site SurfControl, the global leader in Internet protection, is currently tracking a new spyware threat that comes to users via an email written in Turkish and claiming to be from Skype, the popular voice over Internet protocol application. The body of the email encourages users to download the Skype application by clicking on an enclosed link. Upon clicking the link, users are taken to a site that appears to be the Turkish vers......
[more] IM News & Trends Watch This past week Google has updated its IM product, Google Talk with several new features. The file transfer feature, one of the most requested features by users, allows you to send unlimited files and folders through Google Talk. Google has placed no restriction on the file type or size. As you would expect the dismal feature allows you to leave a voicemail message when your Google Talk buddy isn't available. When users receive voicemail they are informed via an e-mail......
[more] Many Web application security vulnerabilities are not as serious as they seem When interpreting the results of a vulnerability assessment, you need to focus on what's important in your Web application security testing. There are three sides to the story when looking at Web application security testing: yours, the findings of your vulnerability assessment, and the truth. Whether you're using a commercial or open source scanner, you're undoubtedly going to glean a lot of information and come acro......
[more] One Flaw And a First For Latest Firefox Update Typically when Mozilla updates its Firefox browser, it includes a number of security updates. For Firefox 2.0.0.3 and 1.5.11, that number is one. The update also marks the first time Firefox has benefited from an expanded community effort. The one flaw is of the low impact variety and addresses the manner in which Firefox handles a certain FTP (define) command. According to Mozilla's security advisory, a malicious Web page could potentially exploit......
[more] Cisco warns of FTP backdoor in IOS Cisco says a flaw in the FTP server utility in its IOS router/switch software could be used as a backdoor by attackers. IOS FTP, which comes disabled by default in IOS, is used to upload IOS software images and other software to routers and switches remotely. However, Cisco says attackers could exploit a vulnerability in the FTP server to gain access to the file system of an IOS-based router or switch and affect configuration settings. "Unauthorised users......
[more] Companies warned over Internet data Security firm Cyber-Ark has warned companies not to be complacent about the data they allow to flow over the internet, after the European Union announced an investigation into Google for retaining data from its search systems for too long.The EU's Article 29 Data Protection Working Party, a group of officials that advises on privacy policy, asked Google last week to justify the retention of data on its users' internet searches for up to two years.Google's rec......
[more] FatPipe WARP Helps Internet Business Achieve Always-Up Internet Availability to Customers and Retailers The Internet business Shoplocal announced this month that it has attained Internet reliability and redundancy, thanks to FatPipe Networks, (www.fatpipeinc.com) the inventor of router clustering devices for reliable, redundant and high speed Internet WAN connections. Shoplocal is an online shopping and advertising company made up of more than 200 affiliate media, search and shopping sites that......
[more] Fox News server found unsecured Network's site left file directories and sensitive content exposed Security analysts spotted a gaping security hole in Fox News Network LLC's Web site on Monday, revealing file directories and sensitive content, although it appears the problem has been fixed. Several directories were visible on a server for Fox News that should normally not be accessible by a Web browser over the Internet. A systems administrator may have forgotten that the directories were viewab......
[more] Hacker goes public with Firefox flaw Mozilla is working on a Firefox patch after a hacker published attack code for a new vulnerability. The flaw lies in Firefox's URL handler component, which was the source of another bug, disclosed earlier this week by Mozilla. This second flaw was disclosed by Billy Rios and Nathan McFeters, security consultants with VeriSign and Ernst & Young respectively. Like the first flaw, this one could be exploited by attackers to delivery malicious programs to th......
[more] Warez land man 30 months in prison An Illinois man was sentenced to 30 months in prison for his part in an organized online software distribution conspiracy, the US Department of Justice announced late last week. That's warez, if you don't prefer the grandiose. After serving his time, El will get an additional three years of supervision by District Judge Ellen Burns in New Haven, Connecticut.On May 4, 2007, El pleaded guilty to one count of conspiracy to commit criminal copyright infringement. U......
[more] Hackers steal server log-ins from hosting firm Hosting vendor Layered Technologies admitted this week that hackers broke into its support database and made off with as many as 6,000 client records, including log-in information that could give criminals access to clients' servers. The US firm, which operates a pair of datacentres that hold the physical servers it manages for clients, said the break-in happened on Monday night. "The Layered Technologies support database was a target of malic......
[more] F-Secure warns of increased Banking Detail Thefts and Man in the Browser incidents Security firm F-Secure has issued a warning to computer users all over world regarding an increase in attacks that target user data on banking Web sites. These attacks use a new generation of malicious codes and a technique known as “Man in the Browser”. From time immemorial, cyber criminals have been seeking ways to steal the personal and banking details of Web users. Now, as time has gone by, and security soluti......
[more] Sites shut down after hack on Fasthosts The UK’s largest web hosting firm, Fasthosts, has temporarily shut down some of its customers' websites – hundreds of sites are reportedly affected – following a hacking attack on its database. The database contains the financial details, email addresses and passwords of over a million businesses for which Fasthosts hosts websites. Whether or how the thieves have used the stolen data is not yet known. On 29 November Fasthosts had to forcibly shut down a n......
[more] Mystery web infection grows, but cause remains elusive The mystery over a cluster of poisoned websites distributing a toxic malware cocktail may be better understood but it's still not solved. Five days ago, we wrote about the infection of several hundred websites that was unlike anything seasoned researchers had seen before. Mary Landesman, a cyber gumshoe who first brought it to public attention, asked for help from other security pros in figuring out how the unusual new technique worked. And......
[more] Logins for 8,700 FTP servers found on sale Criminals have assembled a huge database of hacked FTP server logins belonging to some of the world’s leading companies, a security company has revealed. Security vendor Finjan said it had stumbled upon a database containing account usernames, passwords and server addresses for a staggering 8,700 FTP servers, many of which were being used by US Fortune 100-level enterprises. The hacked servers could be used to distribute crimeware by injecting iframe t......
[more] Stolen credit card supermarket exposed Security firm Finjan has uncovered a website supermarket for stolen card data. The 'SellCVV2' website was found to be trading the card numbers and other data in a number of sophisticated ways. Criminals visiting the site would be able to earn discounts based on volume bought and choose from a range of tiers, starting at the least valuable Classic Visa or MasterCard - those with the lowest credit limits - through more valuable Gold, Platinum, and Corporate l......
[more] Brute-force SSH attacks surge An incident handler from SANS' Internet Storm Center has warned businesses to ensure their servers are secure as SSH attacks rose five-fold early this week. The SANS Internet Storm Center has warned businesses of rising numbers of brute-force SSH attacks. An SSH attack is a type of dictionary attack which aims to guess secure shell client usernames and passwords.Writing in the ISC's website diary, incident handler Scott Fendley warned security professionals to be a......
[more] The pitfalls of FTP Servers I’ve heard recently that there is a new craze for thrill seekers known as Russian Roulette parachuting – a one in six chance that the parachute might not open – but apparently this is just not close enough to the edge for some IT folks out there. It seems the latest stunt is using FTP (File Transfer Protocol) to provide access to information. You would have thought that this went out with Glitter Rock since they both showed up around 1972 but apparently there are stil......
[more] 1 Trojan + 3 years = 500,000 online financial accounts RSA FraudAction Research Lab has discovered log-in information for about 300,000 online bank accounts and 250,000 credit and debit card accounts that have been gathered by a cybercrime gang over the past three years using the Sinowal Trojan. "This may be one of the most pervasive and advanced pieces of crimeware ever created by fraudsters," according to a blog entry posted Friday from RSA, EMC's security unit. The Sinowal Trojan......
[more] Cyber-Ark introduces Managed File Transfer solution to provide governance over sensitive data exchange processes Enterprise organizations understand that traditional solutions such as Secure FTP or other home grown file-transfer solutions are not viable and have turned to Managed File Transfer (MFT) systems to accommodate the organisation's need for secure connectivity to third parties. Traditional MFT focuses on technical and operational aspects of file-transfers, such as multi-protocol support......
[more] Trend Micro to eyeball malware from cloud Trend Micro has unveiled a major update to its flagship scanning tools that puts your virus signature database online, plus a modular security and system management suite with partner BigFix. Trend Micro's updated OfficeScan Client/Server Suite includes an interesting change to the way its flagship scanning software keeps its list of digital undesirables.The most common method nowadays is letting each individual system store its own virus and malware si......
[more] 'Gumblar' attack explodes across the web A complex new malware attack is setting infection records and raising alarms from security experts. Known unofficially as 'Gumblar' for one of the attack domains, the malware is raising eyebrows and alert levels both for its prolific attack methods and for the danger of its payload. According to researchers, the attack is spreading through site compromises which inject malicious javascript code within components of the site. Upon visiting the infected pa......
[more] 'Gumblar' web attacks spreading quickly The attackers behind a series of rapidly spreading website compromises have begun using a new domain to deliver their malicious code, security experts said on Monday. The attacks, collectively referred to as 'Gumblar' by ScanSafe and 'Troj/JSRedir-R' by Sophos, grew 188 percent over the course of a week, ScanSafe said on Thursday. The Gumblar infections accounted for 42 percent of all infections found on websites last week, Sophos said on Thursday. Over t......
[more] Up to 40,000 web sites hit in mass hacking attack Security vendors cooperating to limit the damage threat poses Up to 40,000 Web sites have been hacked to redirect unwitting victims to another Web site that tries to infect PCs with malicious software, according to security vendor Websense. The affected sites have been hacked to host JavaScript code that directs people to a fake Google Analytics Web site, which provides data for Web site owners on a site's usage, then to another bad site, said Ca......
[more] Beladen infections plummet The number of sites infected with malicious code inserted by the Beladen injection has dropped significantly. Websense Security Labs ThreatSeeker Network has detected a consistent decrease of sites infected with the malicious code over the past five days. It claimed that the decrease in infections is highly suspicious, and it believes that the infected hosts are still under the control of the attackers. Websense said that it suspected that those behind the infections......
[more] FTP login credentials at major corporations breached A trojan has reportedly been uncovered that is harvesting FTP login data of major corporations, including the Bank of America, BBC, Amazon, Cisco, Monster.com, Symantec and McAfee. According to a report in The Register, Jacques Erasmus, CTO at UK-based Prevx, discovered a site where a trojan is uploading FTP login credentials from more than 68,000 websites. Once an individual's PC is infected with the trojan, that user's stored FTP login cred......
[more] Map out your zone defense A good exercise for any security admin is to map your security domains or zones. The idea is that a map of the inputs and outputs of your organization's data pathways will give you a clearer idea of the users, gateways, systems, and data that you are trying to secure. Unless you know about it, it's impossible to secure it. And, as the saying goes, a problem well defined is a problem half-solved. Start with all of the ways that people can enter your environment: LAN, WA......
[more] Microsoft to patch IIS bug Microsoft is to patch the IIS bug discovered a couple of days ago. The company has also released a security advisory describing the problem and detailing technical workarounds that system administrators can implement while they're waiting for a patch. "We're currently investigating the issue... and working to develop a security update," Microsoft said in a note on its website. "This update will be released once it reaches an appropriate level of quality for broad distr......
[more] Cyber criminals exploiting IIS bug says Microsoft Cybercriminals are already exploiting an unpatched hole in IIS server software, made public last week, according to Microsoft. The flaw can be exploited to let an attacker take control of an older IIS 5.0 server running on Windows 2000, provided the hacker has some way of creating an FTP directory on the server. Attack code that exploits the bug was posted last week. Other IIS users could also be hit with a denial of service (DoS) attack, thanks......
[more] Check Point provides businesses with preemptive protection against Microsoft exposure Check Point Software Technologies Ltd has announced that Check Point IPS solutions shield customers against exploits associated with the FTP Service in Microsoft Internet Information Services vulnerability. Successful exploitation of this unpatched vulnerability could allow hackers to take over an affected company’s systems. Although no Microsoft patch is currently available for this vulnerability, Check Point......
[more] 'Gumblar' botnet beginning to mobilise The massive network of pages compromised by the Gumblar botnet are now being used to spread malware, according to researchers. Security firm ScanSafe reported that a number of pages connected to the Gumblar attacks in May had been serving malware to visitors. The company noted that the attacks were unique in that rather than infect the pages to link to a single attack site, each of the compromised servers is hosting the malware on its own.
In addition to t......
[more] Gumblar site infections return, WordPress among affected In the latest wave of Gumblar attacks, the backdoor script being used to infect legitimate websites has been causing some WordPress blogs and other PHP-based sites to crash, security researchers have warned. "On various forums, you can find posts where webmasters report similar problems with their WordPress blogs," independent security researcher Denis Sinegubko wrote on his Unmask Parasites blog last week. "Their sites are broken and all......
[more] Gumblar botnet on the march again Security experts at ScanSafe are warning users to be on their guard after recording a resurgence of the notorious Gumblar botnet and its associated malware. The security-as-a-service firm warned in its monthly Global Threat report that 29 per cent of all web malware blocks last month were related to Gumblar, a botnet which installs traffic sniffers and backdoors on PCs and then uses stolen FTP credentials to compromise web sites. "Gumblar is arguably one of the......
[more] Scammers lurk behind Google Doodle Rogue hackers are getting cuter when it comes to hitting users with malware. Their latest trick is to exploit the Google picture of the day, the so-called Google Doodle. On Tuesday, users who clicked on the picture of LL Zamenhof, Esperanto's creator got a nasty shock. The picture which was celebrating 150 years since his birth had been doctored by hackers giving Google search users some uncomfortable results. It's the latest example of just how good scammers......
[more] From Passwords to MFT, Cyber-Ark Has a Vault for That There's a school of thought that says open source development yields greater security because the heightened transparency ensures that problems are identified and fixed at a quicker pace. There's another school of thought that says true security is obtained by building your own stuff and then concealing its existence. Cyber-Ark is an advocate of the second approach with its Digital Vault, which serves as the foundation for a series of securi......
[more] Zeus Trojan resurfaces Security vendor Websense is warning of a renewed spate of global attacks aimed at stealing information from staff in government and military departments via the notorious Zbot or Zeus Trojan. The malware, which was originally designed and used to steal banking data, was used in a campaign targeting government workers in the US and UK at the beginning of the month.
This follow up attack involves a fake email purporting to be from a reputable figure within the Central Intel......
[more] The biggest botnets: Is your PC part of one? There are hundreds of botnets, ad hoc networks of Windows PCs that are infected with one or more programs to let them do the bidding of their controllers, some are far more trouble than others. While you can't afford to ignore any botnet threat, here are some of the worst of the worst. "When it comes to botnets, size does matter," said Scott Emo, head of endpoint solutions at Check Point, a network security company. That's because "the......
[more] Lessons of HMRC breach lost in time Who could forget that historic HMRC security breach in November 2007 which saw the bank details of 25 million people go missing? The surprising answer to that question is around 20% of companies, it would seem. At the time, the Conservative Party told the BBC that the breach was "a catastrophic failure" and then Chancellor Alistair Darling admitted it was an "extremely serious failure on the part of HMRC to protect sensitive personal data entru......
[more] One in five companies are still using couriers to send sensitive files According to a survey released by Cyber-Ark, 19% of companies are still using couriers to send large or sensitive files, the insecure transfer method utilised originally by HMRC which left a disc containing child benefit information missing in London. 24 months since the publication of the Poynter Report which was commissioned after the HMRC breach, and almost three years since the original misplaced discs came to light, and......
[more] Softer data-leak prevention Data-leak prevention is growing at 10% a year, a bit slower than anticipated but still pretty fast compared to other security technologies. In this year's research we see DLP use or active evaluation among 36% of research participants. The primary driver is compliance, as with most security funding. In looking at DLP deployment over time we noticed something very interesting: quite a few companies that deployed DLP last year pulled back on their deployments because o......
[more] SQL injections dominate malware in 2010 As Gumblar named 'the most significant malware development in years'. The number of IPS SQL injections increased substantially in the second quarter of 2010 following a downturn. Cisco's global threat report for the second quarter of 2010 revealed that IPS SQL injection signature firings increased substantially in the period to coincide with outbreaks of SQL injection-compromised websites. It also claimed that Asprox SQL injection attacks made a reappearan......
[more] Cache of stolen FTP credentials discovered Security researchers recently stumbled upon a malicious website that housed a cache of stolen FTP credentials. The malicious domain, discovered last week by researchers at network security and management firm Blue Coat, housed a set of sensitive files, two of which contained a total of nearly 100,000 login and password combinations for a mixed batch of domains. Another file contained 1,905 login and password combinations for the Servage.net domain, a......
[more] Beware the all-powerful administrator In an unchecked, unmonitored virtual environment, administrators are all-powerful -- and that's not a good thing, consultants and IT executives agree. "This gives server admins the keys to the kingdom, and most of the time they don't understand the security risks," says Vauda Jordan, senior security engineer for the Phoenix city government. For example, administrators may create a virtual FTP server that compromises security. Or they may inadverten......
[more] Researchers take down Koobface servers Security researchers, working with law enforcement and Internet service providers, have disrupted the brains of the Koobface botnet. Late Friday afternoon, Pacific Time, the computer identified as the command-and-control server used to send instructions to infected Koobface machines was offline. According to Nart Villeneuve the chief research officer with SecDev Group, the server was one of three Koobface systems taken offline Friday by Coreix took down th......
[more] Kroxxu botnet hits a million web users Security experts have uncovered a dangerous new botnet which has already infected over 100,000 domains and one million systems worldwide, although it is still unclear how the cyber criminals are monetising their efforts. The Kroxxu botnet has been designed solely to steal FTP passwords but, unlike traditional botnets, it is able to spread through infected web sites alone rather than individual PCs, according to researchers at Avast Software who have been tr......
[more] Security Manager's Journal: Buried in SIEM configuration I mentioned in my previous column that in my new job, I inherited a project to implement a security incident and event management (SIEM) tool. In response, several readers e-mailed to tell me about their experiences. Here's what I've learned in tackling this project over the past couple of weeks. There are a few different ways to use SIEM. It can alert you to anomalous behavior and malicious code. By pulling in data from our antivirus sca......
[more] Researchers pry open Waledac, find 500,000 email passwords Researchers have taken a peek inside the recently refurbished Waledac botnet, and what they've found isn't pretty. Waledac, a successor to the once-formidable Storm botnet, has passwords for almost 500,000 Pop3 email accounts, allowing spam to be sent through SMTP servers, according to findings published on Tuesday by security firm Last Line. By hijacking legitimate email servers, the Waledac gang is able to evade IP-based blacklisting t......
[more] Microsoft patch will lead to 900 million reboots According to Alan Bentley, senior vice president with Lumension, next week's Tuesday updates will involve a dozen patches fixing 22 vulnerabilities. The good news, Infosecurity notes, is that one of the critical patches is the long awaited Internet Explorer fix that will address the public vulnerability threat. "After a pretty relaxed January patch bulletin, 900 million people will be having to patch and reboot their system following the rele......
[more] Hack data provided by RSA in exchange for customer secrecy RSA has started providing more detail into the mid-March attack on its SecurID token-based authentication system, but to get a fuller story you have to be an RSA customer willing to sign a nondisclosure agreement (NDA). An NDA means that you agree to keep secret what RSA would be willing to tell you. Sources say RSA is reaching out to its largest customers, especially those in sensitive industries, to get IT executives to sign such NDAs.......
[more]
