As a protest against the Indian government’s recent push on net neutrality and Digital India, AnonOpsIndia, a hacktivist group, compromised BSNL (Bharat Sanchar Nigam Limited) Telecommunications’ websites on Friday. Prior to the BSNL hack, AnonOpsIndia, usually referred as “Anonymous India,” has already compromised the nation’s PAN database and a coal-sector website last week.
Page 51 of 64
Hosting your website on a Virtual Private Server (VPS) can be a great way to improve your website’s security when compared to shared hosting. Why?
Think of shared hosting as sharing an apartment – it’s economical, but roommates can often bring on unnecessary trouble. If a thief steals some of your roommate’s belongings, chances are they’ll steal yours as well. Similarly, if a hacker injects website malware into another website on the same server as yours, it can affect your website as well.
With a VPS, your website has its own partitioned space, operating system and (usually) unique IP address, isolating it from cyber attacks. A VPS also provides access to the console, something that shared hosting usually doesn’t allow, which can be helpful when removing malware.
Neill Feather, President of SiteLock, has written a blog post explaining more security benefits of a VPS and website firewall on IT Toolbox – you can read it by clicking here.
A new report from the U.S. Government Accountability Office (GAO) suggests that U.S. banking regulators must hire and train more examiners with technology expertise to give more useful cyber security recommendations to small and mid-sized banks. According to GAO, many U.S. credit unions are vulnerable to cyber threats from outside vendors that help run their businesses, because their overseer, the National Credit Union Administration (NCUA) lacks authority to review technology practices of those companies.
LOT, the Polish national airline, announced on Sunday that it cancelled 10 flights due to the cyber attack towards its ground computer systems at Warsaw’s Okecie airport. The cyber attack took down LOT’s ground computer systems for 5 hours during which time 10 flights were cancelled impacting over 1,400 passengers who had planned to travel to Dusseldorf, Hamburg, Copenhagen, and some internal flights within Poland.
A recently released Insider Threat Report collected data from over 500 cybersecurity professionals to examine industrial efforts against insider threats. According to the report, although there has been a rise of insider threats over the last 12 months, organizations are not fully prepared for it yet. The report also examined which user categories showed the largest threat, the most vulnerable applications and data, common launch points for attacks, budget trends and more.
Several days after a major breach of the personal information of federal employees, the Senate rejected a cyber security measure on Thursday. The rejected bill would encourage private 5companies to voluntarily share information about hack attacks with the federal government to prevent future data breaches. The vote was 56-40, four votes short of the 60 needed to move ahead on the legislation. Many Democrats voted against the bill, mainly because it was tacked to a sweeping defense bill, which many Democrats oppose and President Obama has threatened to veto.
Don’t you love the feeling of customer inquiries in your morning inbox? So much interest in your site! You look closer at the emails and find they’re all from Michael – Michael Jordan, Michael Kors, Michael Vuitton – well, Louis Vuitton, but you get the point. Somehow, spambots found your form and blindly barraged your inbox with handbag and sneaker spam, or worse, adult content. How do you, a busy business owner, stop the spam while allowing legitimate requests? The good news is that you have a couple options – one is easy and the other, even easier.
Open source content management systems (CMS) like WordPress, Joomla! and Drupal have become some of the most popular platforms for creating websites. So much in fact, that over 25 percent of the entire internet is powered on WordPress.
Platforms like WordPress are free and have a huge community of users and developers, providing a vast ecosystem themes and plugins. Unfortunately, since they’re so popular, open source platforms are often a large target for hackers and since much of the platform is developed by volunteers, code vulnerabilities may exist.
Data breaches are fairly common occurrences these days – in 2014 alone, nearly half (43%) of all companies experienced a cyber attack. Even worse is that most data breaches take weeks or even months to discover, which can have devastating effects on a business since the average cost of a compromised record is worth more than $194.
What can businesses do to prepare for and mitigate the inevitable cyber attack? Check out what Neill Feather, president of SiteLock, recently wrote in an article on Smart Data Collective to help businesses put the proper recovery and response plans in place.
What Is Logjam?
Transport Layer Security, or TLS, is the protocol commonly used in HTTPS connections. Logjam is the code name for a cryptographic weakness in the Diffie-Helman key exchange algorithm used by TLS. The Diffie-Helman Exchange (DHE) allows two parties – a browser and server in our case – to exchange prime numbers in a secure manner which are then used to create a shared secret used to encrypt a session.
A team of computer scientists and security researchers found that precomputing the prime number groups that DHE uses allows faster computation of the discrete logs used to find the shared secret. With academic-level resources, the researchers precomputed a 512-bit group used by 82% of vulnerable servers. The researchers posit that nation-state level resources could precompute 1024-bit Diffie-Helman groups, affecting even larger swaths of the internet.