Posts Tagged ‘Prevent Hackers’

Are YOU Your Biggest Security Threat? 5 Ways to Close Holes that Hackers Can Easily Breach.

by FireHost Evangelist on June 22nd, 2010

If I wanted to hack your eCommerce business, I’d have your help. It’s a fact that no one runs a business from one location (or one computer) anymore. In today’s world work gets done everywhere – in offices, at home, in a hotel, at the airport, while sipping mocha and siphoning Internet connectivity from a coffee shop.

Security risks increase when your business moves outside of the safety net of your main workplace. Mobile executives carry sensitive data around with them, and oftentimes open it up to vulnerabilities just for the sake of convenience.

It all seems perfectly innocent. Connecting to wireless Internet in your hotel room, or syncing up to free wi-fi in a restaurant just to get a little work done. Convenient? Yes. Necessary? Sometimes. Is working remotely a down trending habit? Absolutely not. And so, we must learn (and educate our workforce) about how to work remotely more safely.

Protecting your mobile workforce is essential to protecting your business. And it can be accomplished (or at least done more successfully) by following a few simple tips to help keep your business safe from hackers, no matter where you go:

Stay Off the Free, Open Wireless

More and more public places are providing free, or shared wireless Internet. These open networks are dangerous. They’re risky for personal communications, but they are absolutely not suitable for conducting business without protection.

When jumping on public shared wireless connections, it’s essential to do so using a secure VPN connection with the latest encryption methods. This will funnel all your online activities (email, surfing, chat, etc.) through this secure connection so prying eyes can’t see what you’re doing. Several companies offer this service, but we’ve heard good things about Anonymizer.

As an alternative, Verizon, Sprint, AT&T, and others have mobile broadband services available for a reasonable monthly subscription. Spring for the mobile Internet access card. It’s a small expense for what you get in exchange – the ability to conduct business more securely outside the office.

Bonus Tip – turn off your wireless connection at all times when not in use so you are 100 percent sure about when you are connected to the Internet. If you’ve previously connected to default network names (like Linksys), then anytime that network name reappears at another location, you will be automatically connected to the network, opening you up to risks.


Vulnerability Exploitation Trends: Web Applications Outpace Operating Systems

by FireHost Evangelist on September 18th, 2009

According to a report by SANS.org, OS vulnerabilities are patched more quickly than client-side vulnerabilities on average. In addition, some client-side software remains unpatched or is not updated throughout its lifespan. As a result, hackers have found exploiting popular client-side applications such as Adobe PDF Reader, QuickTime, Adobe Flash, and Microsoft Office to be quite lucrative.

Attacks against popular web applications such as these constitute more than 60% of all attacks on the internet, and some of the exploits don’t even require a user to open the downloaded document or file. Victims’ computers may be compromised by simply visiting an infected website masked with the perception of being a trustworthy, big, software brand.

Client-side vulnerabilities are so powerful because they give hackers a mask behind which to carry out exploits. Users feel confident downloading files from trusted sources or using tools and applications such as Microsoft SQL, FTP, and SSH that are perceived to be safe because of popularity and industry-wide user-acceptance.


Social Networks Targeted by Hackers More Often than Government & Law Agencies in ’09

by FireHost Evangelist on August 21st, 2009

This year, social networking sites have become popular targets for cyber crime according to a study of hacking episodes by Web Hacking Incidents Database (WHID). This is a shift from 2008 when government and law enforcement agencies were the most enticing targets.


Security experts believe social networks like Twitter and Facebook are targeted because of the sheer number of users. Defacement is the most common motivation for ego-driven hackers, and these high traffic, high involvement communities are a great way to disrupt many victims at once.

A study by Webroot sheds light on a few other reasons why social networks make ripe targets for hackers.

  • 36% of social networkers admit they don’t hide personal information
  • 33% admit to using the same password for all of their online accounts
  • 28% accept “friend requests” from strangers

With such a high percent of social networking users being unaware of the dangers, “hackers lure users into taking actions they shouldn’t by making it appear as if a friend within their social network has sent them a message – only the message is from a hacker who has hijacked the friend’s account,” warns Mike Kronenberg, CTO of Webroot’s Consumer Business division.


Top 10 Ways Hackers Obtain Confidential Data

by FireHost Evangelist on August 18th, 2009

Two and a half years after retail giant TJX Companies, Inc (parent company to TJ Maxx, Marshalls, and Home Goods) experienced one of the largest data breaches in history, the firm is still paying. This time, the settlement provides $9.7MM across 41 states to help protect consumers from payment card negligence. One quarter of those funds are devoted to creating a national fund that will investigate future data breaches.

In reality, the latest sum TJX has to pay is small potatoes compared to the capital outlay the retailer has made since 2007 to mitigate the security breach that exposed 45 million credit and debit card numbers. When the leak was discovered, TJX set aside $107MM to deal with the fallout and the expenditures to date are in that range. In two of the largest settlements, they’ve paid $24MM to MasterCard and $41MM to Visa banks. In addition, TJX has been ordered to undergo costly external audits every other year for 20 years by the FTC.

Is it 100% possible for companies to avoid costly and negative public facing situations such as this?


Obama Administration Inviting Hackers to Help Fight Cybercrime

by FireHost Evangelist on July 14th, 2009

The US Department of Homeland Security is turning to hackers to help the 16-person advisory council (HSAC) obtain alternative viewpoints on cybercrime.

An article on FoxNews.com revealed the most recent committee member to be Jeff Moss, aka Dark Tangent. Mr. Moss is widely recognized as founder of the DefCon and Black Hat hackers’ conferences. He has worked in information security for accounting giant Ernst & Young and presently works as an independent cybersecurity consultant for a variety of corporations.

Mr. Moss looks forward to bringing “a skeptical outsider’s view” to the HSAC, but admits he was surprised by President Obama’s invitation to join the council, stating, “I always figured that because of my associations in the past that I would be kind of out of the running for anything like this.”
