Online Vulnerability Scanners and Port Scans

Sometimes reading the news is like reading science fiction. However this is real and shows how far the criminal underground is progressing when it comes to monetisation of compromised machines. It all starts with malicious scripts being injected into poorly secured and managed web servers. Researchers at security firm Finjan said on Wednesday that they [...]

OSSEC is an excellent open source host based intrusion detection system. Works on Windows and Linux and detects security anomalies within the system. Such as brute force ssh attacks from the Amazon Cloud. It seems that like any web hosting service the Amazon Clould Web Services are open to exploitation. Of course in this post [...]

A simple SQL injection has resulted in more than 500’000 websites being compromised with a javascript include that sends visitors to the hacked websites to other sites containing malware that attempts to infect the client. Yet another example of simple security errors resulting in mass hacks of websites that whose ultimate purpose is the installation [...]

As we often mention here at HackerTarget.com real security is made up of a number of different processes, policies and technologies. If one part of the security picture is missing then your data is vulnerable. Where do you keep your backups? Are they in a secure location? While this example is a fairly rare occurrence, [...]

A tool discovered by Sans Security Handlers has shed some light on how 10000 web sites were compromised earlier this year. An automated SQL injection attack that utilized google searches against ASP pages that contained potential sql injection points is at the core of the attack. While we had a general idea about what they [...]

The iFrame attacks that have made news in recent weeks are spreading to more prominent websites.  Among the sites infected are USA Today, Target, and Wal-Mart.  The most recent attack targets search engine results; the results are manipulated so that users are likely to visit sites that have been infected with malware. http://www.news.com/8301-10784_3-9905951-7.html?part=rss&subj=news&tag=2547-1_3-0-20 http://ddanchev.blogspot.com/2008/03/massive-iframe-seo-poisoning-attack.html http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9073098&source=rss_topic17 [...]

A recent trend micro report examines the increasing number of legitimate web sites that are being attacked by cyber criminals. Schools, government and big business are all targets. A compromised web site is then used to deliver malware to any visitor who loads that web page. According to research from Trend Micro’s TrendLabsSM, hackers are [...]

More attacks on high profile web sites. It is clear from this article that the attackers found the victim sites by scanning servers and pouncing on the found vulnerabilities. The compromised servers were then used to serve up malicious code to build a botnet. It is highly likely regular vulnerability analysis would have saved these [...]

This article over at SecurityFocus has some eye opening comments from the authors of the Mpack exploitation kit. The increasing popularity of compromised websites being used as an exploitation platform against end users is becoming a worrying trend. There are a couple of tongue in cheek comments like these – Do you feel sorry for [...]

There is some good information to be found at Stopbadware.org on securing a web site and ongoing efforts to eliminate the threat of malware being served up by compromised hosts and rogue web hosting companies. Some basic steps that can be taken to make your site more secure include the following: Use strong passwords. Use [...]