Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

Saturday, 25 January 2014

Cyber Threats Hit Record Levels

Cyber threats and vulnerabilities have reached their highest level for more than a decade, networking equipment specialist Cisco's latest security study reveals. 

According to the Cisco 2014 Annual Security Report, which became available this week, cumulative annual alert totals rose by 14% on the year in October 2013. The IT major says that the malicious activity witnessed is at its highest level since the firm began tracking it back in 2000 as the targets of such attacks are failing to address the challenges of the quickly evolving threat landscape.

According to the report, there is a dire need for security professionals worldwide. This, coupled with the lack of adequate systems at most enterprises, leaves organisations without the necessary resources to address cyber attacks. Cisco has estimated that the global shortage of security experts will exceed one million this year.

A startling finding of the study is that all 30 of a sample of the biggest multinational company networks generated visitor traffic to websites with malware, with 96% reviewing communicated traffic to hijacked servers and 92% transmitting traffic to empty web pages, which is also usually associated with exposure to malicious activity, Cisco noted.

And it seems that malicious attacks are widening their scope among verticals. In the past two years, sectors that had remained relatively unscathed by malicious breaches, such as agriculture and mining, witnessed a substantial rise in malware encounters, the IT company said.

The research found that Multipurpose Trojans prevailed in web-delivered malware last year, accounting for 27% of all encounters, and, among programming languages, Java is still the primary target of online criminals.

In addition, Android turned out to be by far the most targeted mobile platform, accounting for 99% of all mobile malware.

Source: www.misco.co.uk

Saturday, 16 February 2013

Facebook site infiltrated!


The Facebook security teams has confirmed that the social networking site was targeted in a "sophisticated attack" last month.

The digital intrusion apparently occurred when a small number of Facebook personnel visited a compromised mobile developer website.

"The site hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines," a Facebook rep explained.

"After analyzing the compromised website where the attack originated, we found it was using a 'zero-day' (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability."

Interestingly, Facebook says it wasn't not alone in the above-mentioned attack, as other sites were infiltrated as well.

However, the rep was also quick to point out that the social networking site had found "no evidence" of compromised user data.

"As part of our ongoing investigation, we are working continuously and closely with our own internal engineering teams, with security teams at other companies, and with law enforcement authorities to learn everything we can about the attack, and how to prevent similar incidents in the future," the rep added.


Source: www.tgdaily.com/