Posts Tagged ‘Application Protection’

Hackers Exploit Microsoft Vulnerabilities

by on May 19th, 2009

On FireBlog, we’ve discussed several vulnerabilities found in open source applications, but it’s important to mention that vulnerabilities exist in even the most protected application code. Even Microsoft, which has a 1:1 ratio of programmers to quality control analysts, cannot always prevent their software from containing exploitable vulnerabilities.

In just the last few months, Microsoft has announced two vulnerabilities discovered in their popular Office application suite. Specifically, these vulnerabilities affect Excel and PowerPoint, and both flaws allow hackers to install malicious software or even hijack a computer completely. For more information about resolving these two vulnerabilities, read the full report by Computer World.

UK Imposes Strict Data Loss Policies

by FireHost Evangelist on May 15th, 2009

Following serious breaches in data security, most notably a loss of 25 million records on two unencrypted discs from Britain’s Revenue & Customs, the United Kingdom is implementing strict data loss policies on governmental organizations in the UK.

These new strict data loss prevention measures include file encryption, digital rights management, storage policies, data classification, and new staff security procedures. For the interesting specifics, click here.

Although your company may not deal in national secrets, it should consider similar measures, which can prevent the loss of confidential information, trade secrets, and vital business and customer records.

Maximize Joomla CMS with Secure Web Hosting

by FireHost Evangelist on May 12th, 2009

Despite an odd-sounding name, Joomla is an award-winning content management system (CMS), enabling users to build dynamic websites and powerful online applications.

If you’re not familiar, a content management system (CMS) is software that tracks, manages and displays every piece of content on your website. Content can include simple text, photos, music, videos, documents, or anything else you want on your website.

Joomla is one of the most popular website building and management software platforms due in large part to its ease of use and deep extensibility. Joomla is suitable for a wide variety of applications like powering corporate websites, online magazines, e-commerce portals, and small business websites around the world. This is just a handful of the popular websites powered by Joomla.

How do you steal a fighter jet?

by FireHost Evangelist on May 8th, 2009

It’s an astonishing question. How would someone go about stealing the most advanced fighter jet in the American military arsenal? The answer: You break into the most secure computer network in the world and steal the plans.

According to recent reports, hackers have systematically stolen thousands of files about the U.S. military’s new Joint Strike Fighter, our most advanced fighter in history. Specifically, hackers stole files concerning the design and electrical system of the new fighter, by infiltrating Pentagon and defense contractor computers.

Additionally, hackers were able to break into air traffic control systems operated by the U.S. Air Force. This gave them the opportunity to view the location of any U.S. military aircraft, in real time. While Department of Defense and Pentagon officials believe attacks such as these are the result of foreign states, rather than the work of individuals or small groups, such extraordinary attacks raise numerous questions about computer security in general.

Secure Drupal Hosting

by FireHost Evangelist on May 5th, 2009

Even if you’ve never heard of Drupal, there’s a good chance you’ve experienced it.

Drupal is a powerful and popular open source CMS (content management system) which enables users to build and showcase dynamic website applications. Becoming a favored tool in website development, Drupal is utilized by thousands of companies, such as Yahoo, Warner Bros, and The New York Observer. Equipped with a powerful blend of features, Drupal supports a variety of websites ranging from personal weblogs to large community-driven websites.

By using Drupal plug-ins, your website can provide beneficial features such as an internet forum, blogging platform, customizable layouts, individual user accounts, RSS feeds, and many more exciting possibilities. Since Drupal is an open source application, it is completely free to use, making it essentially a “priceless” CMS.

Cybercriminals Poison Basketball Fans’ Search Results

by FireHost Evangelist on May 1st, 2009

During the height of March Madness, college basketball fans around the country performed hundreds of thousands of searches for brackets, inside scoops, roster information, breaking news, pools, and more. In their hunt for information, many visited unfamiliar websites which promised what they sought, only to have their computer infected and their private data stolen.

Investigators have now concluded that cybercriminals were poisoning Google search results, misdirecting innocent sports fans to websites which automatically downloaded and installed malicious programs on the victim’s computer.

These SEO (Search Engine Optimization) attacks have become increasingly popular among cyber gangs, who had been redirecting hapless victims to sales pitches for worthless antispyware subscriptions. Recently, however, these cybercriminals have expanded their malicious attacks to infect your computer with code as soon as you load a compromised web page, turning your computer into an unwitting accomplice in spreading malicious software and stealing your private data in the process.

Cybercriminals have also begun poisoning Google search results for legitimate websites, taking advantage of poorly written JavaScript code on websites such as USAToday.com and Wired.com and exploiting each site’s JavaScript by injecting their own malicious code. Unfortunately, experts believe these attacks will continue to spread to thousands of websites in the near future, which means your website could soon become a victim.

Having a security-focused web hosting provider can help prevent your website from becoming the malicious tool of another. Before you trust any hosting provider with your website, ask them how they handle security for your website. At FireHost, we use three layers of application protection to catch, stop, and prevent attacks and manipulation. Our first priority is providing security to our clients, which we deliver through dynamic intrusion prevention.

Once you have taken the appropriate measures to secure your website, FireHost can help provide your customers assurance that your website is secure and safe. We will purchase and install McAfee Secure Seals and SSL Certificates on your website, clearly demonstrating your website’s security and giving your customers confidence in doing business through your website.

To protect your website and business with industry leading secure hosting, visit FireHost.com and contact a FireHost Agent today.

USA Today: “SQL Injection Attacks Hit 450,000 a Day”

by FireHost Evangelist on March 20th, 2009

Modern cybercriminals are out to do harm. Simple as that. They penetrate vulnerable websites, steal private customer information, and commit identity theft every day. Hacker tools and methods of attack have become more sophisticated and wider in scope in recent months.

USA Today reports:

SQL attacks take aim at the database layer of websites. They typically were manual attacks designed to pilfer customer data from merchant websites. But last June someone figured out how to automate the attacks, and use them to plant infections. By mid-June, daily attacks spiked to 25,000; by October they topped 450,000 a day.

Holly Stewart, IBM ISS threat response manager, says the infections take advantage of security flaws in cool website features, such as online-delivered video, music, photos, documents and work files.

Giant financial institutions and online merchants have put up strong defenses, says Phil Neray, vice president of security strategy at Guardium, a database security firm. “The same is not necessarily true of regional banks and credit unions, smaller online retailers and state government agencies.”

FireHost is in business to address website security needs of the “smaller guys” Mr. Neray mentions above. It’s imperative your company respond to the threat of cybercriminals swiftly and effectively because SQL attacks strike governments and credit card companies every day. FireHost can help your company avoid the negative spotlight.

SQL attacks are preventable when your website, email, databases, and other applications are hosted with a security-focused web hosting provider. We’ve taken industry-leading measures to make enterprise-level security attainable for every business because we know that the last thing you need to do with your time is mitigate a high-profile website attack on customer information.

Most hosting providers don’t invest the resources required to maintain a prevention-focused, secure hosting environment. If your company does business online, however, you owe it to your customers and employees to make sure their most important information is protected.

Here’s just a sample of what puts FireHost secure web hosting in a class of its own:

Network Layer Security
FireHost runs dual Sonicwall internet security devices, providing firewall redundancy for every client. This layer safeguards websites, emails, and databases from unauthorized intrusions, like SQL attacks.

Application Protection
We also run a web application firewall to close the holes within your website’s applications, the entry-point for SQL attacks.

Vulnerability Monitoring
FireHost partners with McAfee to provide you with web-based website vulnerability auditing and remediation management, completing scans every fifteen minutes.

Register here to have a FireHost Security Agent perform a vulnerability report for your website. We will contact you shortly with the eye-opening results.

Why You Need SQL Injection Protection

by FireHost Evangelist on November 3rd, 2008

SQL Injections have website owners and developers running scared. If you haven’t heard of a SQL Injection, then you better listen up and hit Google university.

SQL Injections are the number one vulnerability exploited by hackers, by far. According to security vendor Sophos, 16,000 new websites are hit by the attacks every day. WordPress, Joomla, Drupal, .NET, classic ASP, and phpBB websites have all been hit with SQL Injections. Do NOT roll the dice on this one! Every website, big or small, is vulnerable to injection by automated scripts attempting SQL Injections through your web forms, dynamic URLs, etc.

This video from Graham Cluley of Sophos discusses the impact of a SQL Injection that hit BusinessWeek.

What can you do NOW to help secure your website?

  1. Ensure all logins use strong passwords
  2. Employ web form validation and/or CAPTCHA
  3. If you’re using a CMS or website platform, ensure it’s up-to-date (including all plug-ins)
  4. Ensure all components are current (ASPupload, etc)
  5. Use static URLs instead of dynamic URLs

FireHost takes SQL Injection protection to the next level by:

  1. Analyzing your website and web applications to assess the potential for SQL Injections and other hacking vulnerabilities
  2. Protecting your website using our secure and transparent Web Application Firewall
  3. Monitoring your website for new vulnerabilities