The ratio of websites running on CMS’s can be assumed to be more than the custom designed sites built from scratch. Quite understandably, there are more number of users using WordPress than any other CMS, hence it becomes crucial to have enhanced security measures for your site. Due to a large volume of users using WordPress as a platform, an increasing number of hackers and fraudsters try to compromise the security of such sites. In majority of the instances sites running on WordPress are compromised due to outdated files and/or plug-ins. Such outdated versions of the associated scripts act as an easy meal for fraudsters. […]
US-Cert has just distributed a notification about the release of Chrome 16.0.912.77 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities.
The vulnerabilities may allow an attacker to execute arbitrary code or
cause a denial-of-service condition. […]
As much of the world mourns the passing of Steve Jobs — one of the technology industry’s greatest visionaries — the bottom feeders of the cyber crime world are greedily exploiting the tragedy through scams promising unwitting users a chance to win a free iPad.
Sophos has reported in its Naked Security blog on one such scam already circulating via Facebook that reads as follows: “In memory of Steve, a company is giving out 50 ipads tonight. R.I.P. Steve Jobs,” followed by a tailored bit.ly link ending with “restinpeace-steve-jobs.” Clicking the link takes users to one of countless malicious Web pages. […]
A Hacker group known as “The Lulz Boat” hacked the PBS website on Sunday and posted a false story claiming the rapper Tupac Shakur who has been dead for 15 years is actually alive and living in New Zealand. […]
After every major news event in recent years, such as the “Haiti Earthquake”, “Japanese tsunami”, “William and Kate Wedding” and now, “Osama Bin Laden dead” an increase of fraudulent web sites, links and files offering to provide information and unseen video, pictures come to a rise via emails and social networking sites. […]
Vulnerability Scanning –
Assess any target with an IPv4, IPv6, or URL with pre-defined policies for PCI, HIPAA, FISMA, and more. Identify CVE, OSVDB, IAVA, OVAL, and more.
Penetration Testing –
Exploit vulnerabilities to gain remote access. Run social engineering, phishing assessments, and more with the exploit tools suite. […]
Browser history hijacking is a flaw in a web browser that allows certain websites access to all the sites a user has ever visited. This is a techniques used by sporting, news, movie, financial and porn websites to better place ads and check to see if you have visited any of their competitors. […]
Web developers typically do not have any formal training in the area of security and their priorities usually lie elsewhere. Business functionality and meeting tight deadlines are typically the focus areas of developers and security is often forgotten, or at most, an afterthought. This leaves the door wide open for attackers to discover vulnerabilities and exploit them to gain access to sensitive data. […]