Posted on Aug 07, 2012
Every day, hackers are finding unique ways to breach domains. They are getting by IT departments’ firewalls and protections at ease. Now, they have adopted another method to prolong the life of Web-based attacks, according to the security firm Symantec.
A domain-generation technique has recently been witnessed in a series of drive-by download attacks to infect Web users with malware. This botnet-type malware is targeted towards compromised sites, and then launches the attack by relying on rogue code injected into the website and redirects their visitors to external domains that host exploit toolkits, such as Black Hole. This process is done through hidden iframe HTML tags.
Posted on Mar 08, 2012
For weeks we have been blogging about hackers, malware, and viruses hurting organizations and government agencies. Security cannot and should not be taken lightly. IT Support has to take these situations seriously because they can hit at a moments notice. It’s one thing to be reactionary but even better to incorporate proactive measures to beat those breaches.
Philippe Courtot, CEO of Qualsys is putting his money where his mouth is, launching the Trustworthy Internet Movement, and pledging $500,000 of his own funds to integrate security into the product-making process.
The Trustworthy Internet Movement (TIM) , like many movements, has a focus but no real solution as of yet. Courtot’s $500,000 will go toward recruiting members and providing resources to start creating security technology that is company-agnostic. Members can come from anywhere, any company, but the innovations won’t exist under their title. Courtot is looking for those with expertise in domain-focused enterprises, technology leaders, “stakeholders” or individuals who want to solve a particular problem (such as botnets), anyone willing to make a donation, academic institutions, and non-profits.
Before he takes the initiative to take on partners, he wants a win solution to the problems. Currently he’s focused on botnets, e-mail spoofing, and SSL compliance, but he hasn’t chosen a defined issue to battle as a priority. While solving a basic Internet issue like e-mail spoofing might not seem as a big priority, but it’s not impossible. He explained that the cause of e-mail spoofing is already known, so finding out “how” people do this is not the problem. Gathering the right people together to make a solution is. By coming up with actual technology, the Trustworthy Internet Movement will be better equipped to pitch venture capitalists.
Although, he does have a quiet start in this movement, he does have the backing of his customers like Google. I’m sure this will not be the last we hear about the Trustworthy Internet Movement, obviously there is a huge want and need to fix these constant attacks over the Internet.
Courtot is inviting anyone that has ideas to visit his website and contact them. He is willing to embrace anyone with solutions then prioritize and pick their battles to solve.
At FedSolutions, we know that Security is a priority with all our clients. We take the extra steps to know and observe all types threats on a daily basis, which we can prevent have been successful. Talk to us about your organizations needs for Security.
Posted on Feb 13, 2012
The Story continues with web attacks and doesn’t seem to stop. Malware networks is on the attack in search engines all over the web.
In 2011, the most significant evolution in the threat landscape was the use of malware networks, or malnets, to launch highly dynamic Web-based attacks, according to the Blue Coat Systems 2012 WEb Security Report.
These complex infrastructures, which outlast any one attack, drove a 240 percent increase in the number of malicious sites during the year and are expected to launch as many as two-thirds of all new attacks in 2012.
The Blue Coat Security Labs team first discovered the existence of these malicious networks early in 2011 and presently is the only company to specifically identify, track and block them.
The report is available, free of charge. The entire report is worth a look.
Malnets are distributed network infrastructures within the Internet that are built, managed and maintained by cybercriminals for the purpose of launching a variety of attacks against unsuspecting users over extended periods of time.
The end game for malnets typically is either stealing personal information or transforming end-user systems into botnets.
The Blue Coat 2012 Web Security Report details the strategies and tactics that malnet operators deploy to snare users and funnel them to dynamic malware payloads, or software which surreptitiously installs on users’ computers designed for malicious or criminal purposes.
In order to keep your organization safe. FedSolutions takes tedious steps to keep all our IT Security Support up to date and keep our clients safe. We are on top of our game giving our clients the security they need and deserve to keep their business moving. Let’ s get you started now!
