Archive for June, 2009
by FireHost Evangelist on June 30th, 2009
Kevin Mitnick, the most well known hacker of the 1990′s had his personal and business websites compromised and defaced recently, and if you query Mitnick’s domain today, you still see remnants of the hack. Words like:
$ whois mitnicksecurity.com
MITNICKSECURITY.COM.HACKED.BY.NERD.FROM.WEB-HACK.COM
MITNICKSECURITY.COM
In a phone conversation today, Mitnick disclosed to FireHost’s Chief Security Officer that he was using secure hosting practices on his site, but the hackers got to his website through his hosting company’s DNS provider. They compromised the control panel for his domain names and redirected his site to a defaced version.
(more…)
Tags: Kevin Mitnick Hacked, Prevent Hackers, Secure Web Hosting
Posted in: Security | No Comments »
by FireHost Evangelist on June 30th, 2009
Despite a challenging economy, many companies are making room in their budgets for investments in information security initiatives.
According to a survey by Robert Half Technology, seven out of ten CIOs interviewed reported their companies would be investing in new information technology initiatives over the next year. 43% of the respondents overall reported information security as a top priority, and in the 
financial services and transportation sectors, information security was cited most often as the top priority.
“Although times are lean, many companies are finding that they can’t afford to postpone IT investments that lead to increased security, efficiencies or revenues,” stated Dave Willmer, Executive Director of Robert Half Technology. “Organizations also are trying to make sure they are prepared for growth when conditions improve, and enhancing their IT infrastructure is part of that process.”
Over the past year, there has been a significant rise in the number of malicious attacks on company websites. Symantec identified a 165% in malicious code signatures and cited that the explosive growth can be attributed to the professionalism of malicious code development, supporting the demand for goods and services that facilitate online fraud.
(more…)
Tags: Prevent Hackers, Secure Web Hosting, Website Security, Website Vulnerabilities
Posted in: Security | No Comments »
by FireHost Evangelist on June 23rd, 2009
Websense security labs have been tracking the Nine-Ball mass compromise attack since early June. They report to date, that over 40,000 legitimate Web sites have been compromised and are actively infected with an information-stealing trojan.
The Nine-Ball attack is deployed when a user visits a legitimate website that has been infected with the malicious code. From the legitimate website, unsuspecting users are redirected behind the scenes through a series of different sites owned by the Nine-Ball’s hackers.
(more…)
Tags: cyber security, cybercrime, Nine-Ball, Secure Web Hosting
Posted in: Security | No Comments »
by FireHost Evangelist on June 19th, 2009
Just three years ago, Drupal was a little-known, open source content management system (CMS) predominately used by nonprofits and small businesses who were enticed by the ability to create dynamic content for free using Drupal’s open source software platform. Since then, Drupal has become a staggering success with thousands of professional and casual users around the world.
Drupal’s Massive Appeal to Companies
The list of entities using Drupal includes large companies, like Sony and Warner Brothers. Organizations such as Human Rights Watch and the federal government’s Recovery.gov use Drupal too. The reasons for Drupal’s widespread appeal are many. Aside from being completely free to use, Drupal’s open source nature encourages active enhancement by thousands of developers around the world. The bottom line is simple, Drupal is constantly becoming better and better, without costing a dime.
The vibrant Drupal developer community includes dozens of “Drupal Camps” throughout the world, each with hundreds of attendees. Hosted by experienced Drupal users and developers who volunteer their time and knowledge, these camps are designed to foster innovation of the Drupal platform, educate new users, and spread the use of Drupal among web developers.
(more…)
Tags: CMS Web Hosting, Content Management Solution, Drupal Hosting, Secure Web Hosting
Posted in: Web Hosting | No Comments »
by FireHost Evangelist on June 16th, 2009
In less than one hour last Thursday, Internet security journalist Elinor Mills mastered the tools of the hacker trade at McAfee’s Malware Experience event.
It takes “as little as $300 to infect several Windows clients and take complete control of them in a test environment,” Mills reports. By using real samples of malicious code, she was able to infect PCs with a Sub Seven Trojan and gain remote access to the machines. Once inside the computers, she was exposed to some of the malicious tricks hackers can play on unsuspecting malware victims.
(more…)
Tags: Hackers, malware, Secure Web Hosting, Sub Seven Trojan
Posted in: Security | No Comments »
by FireHost Evangelist on June 12th, 2009
Recently Trustwave, a payment card industry security and compliance firm, discovered malware installed on ATMs in Russia and Ukraine.
According to the article on eWeek.com, malware on each of the infected machines (running Windows XP) was installed and activated through a Borland Delhi RAD (Rapd Application Development) executable dropper file by the name of isadmin.exe. The dropper binary contains a Data Resource (RCDATA) named PACKAGEINFO that contains the actual malware. The dropper file is executed when the hacker inserts a fake ATM card with the malware trigger code into the machine. Once activated, the trigger code produces the malware file Isass.exe inside the C:\\WINDOWS directory of the compromised system.
The eWeek.com article reports that this particular ATM hacker vulnerability can be easily modified to target multiple ATM vendors and is making it’s way to other countries, including the US.
Tags: malware, Secure Web Hosting, trustwave
Posted in: Security | No Comments »
by FireHost Evangelist on June 9th, 2009
Last week, web mail security company StrongWebmail’s $10,000 hacking challenge was defeated. Lance James who led the team of hackers agreed to make an exclusive interview with FireHost.
FireHost: Hello Lance James, thanks for the time to chat with us on FireBlog today.
Lance James: Thank you.
FireHost: Didn’t you write the book on phishing, literally?
(more…)
Tags: lance james, Secure Web Hosting, strongwebmail hack
Posted in: Security | No Comments »
by FireHost Evangelist on June 9th, 2009
In an unprecedented case, the Federal Trade Commission stepped in last Tuesday and shut down a web hosting provider in California.
Despite much positive press and a relatively long-standing history as a reputable web hosting services provider based in Oregon, Triple Fiber Network (DBA 3fn.net and Pricewert) was actually a cybercrime hub with principals and staff largely based in Russia.
FTC Chairman, Jonathan Leibowitz affirms, “Anything bad on the Internet, they were involved in it.” Other segments from the FTC’s reports indicated that 3fn.net hosted “vast quantities of illegal, malicious, and harmful content, including child pornography, botnet command and control servers, spyware, viruses, trojans, phishing related sites, illegal online pharmacies, investment and other Web-based scams, and pornography featuring violence, bestiality, and incest.”
(more…)
Tags: Secure Web Hosting, web host shut down, web hosting industry
Posted in: Web Hosting | No Comments »
by FireHost Evangelist on June 5th, 2009
Recently, Brian Krebs from the Washington Post reported that thousands of insecure websites were identified last year, many of which contained cross-site scripting (XSS) vulnerabilities. The stunning revelation in this report is the sheer number of websites that harbor the cross-site scripting (XSS) vulnerability.
“Xssed.com lists nearly 13,000 Web pages that hosted cross-site scripting vulnerabilities, including a large number at trusted and high-traffic Web sites such as yahoo.com, google.com, msn.com, myspace.com and facebook.com, and cnn.com.”
(more…)
Tags: Cross Site Scripting, Website Security, XSS
Posted in: Security | No Comments »
by FireHost Evangelist on June 2nd, 2009
WordPress has quickly become the first name in blogging, transforming from an idea on a kitchen table to a blog platform with more than 12 million users worldwide in a few short years.
The astonishing success of WordPress rests on the shoulders of the open source principle, which provides free access to anyone and everyone with a desire to use the software. This delivers a no-cost environment for users, but also enables absolutely anyone to contribute to the development of the WordPress source code. This has led to a plethora of plug-ins and themes which can take a WordPress blog to amazing new heights, in both function and aesthetics.
(more…)
Tags: Secure Web Hosting, Website Vulnerabilities, Wordpress Hosting
Posted in: Web Hosting | No Comments »
