Facebook  Twitter  Google +  Linkedin

hacker threatSmall businesses are increasingly being targeted by computer hackers because their security is not as tough as larger companies, according to a Government report.
Cyber-crime is estimated to cost Australian businesses up to $1 billion every year, and the report claims 60 per cent of businesses hit by a cyber attack went out of business within six months.
However, small business-owners have largely indicated they did not believe they were in danger of being targeted.
The report shows only a quarter of small business owners thought they were at risk of having their data stolen and held to ransom, and less than half kept their anti-virus software up to date.
Only 2 per cent of small businesses treated protections against hacking as a priority.
Cybersecurity expert Matt Tett said many people mistakenly believed large companies, like cheating website Ashley Madison, were more likely to be targeted by hackers.

RouterRouters are among the most hackable devices out there — rarely updated, easily compromised, and almost never scanned for viruses. But a new router virus might actually be making the devices safer, according to a report from the security firm Symantec. Dubbed Linux.Wifatch, the bug behaves like a regular virus from the outside: infecting the device, operating undetected, and coordinating actions through a peer-to-peer network. But instead of performing DDoS attacks or looking for sensitive data, Wifatch's main role seems to be keeping other viruses out. It stays up to date on virus definitions through its peer-to-peer network, deletes any malware discovered, and cuts off other channels malware would typically use to attack the router. In short, Wifatch is actually protecting its victims.
It's still unclear where Wifatch comes from or why it was created, but it seems to be very different from the average virus. First detected by a researcher in 2014, the virus seems to make little effort to conceal itself, and leaves various benign messages in its code. One, triggered when a user tries to access the Telnet feature, reminds users to update the device's firmware. Another, dropped as a comment in the source code, repeats a statement from free-software icon Richard Stallman: "To any NSA or FBI agents reading this: please consider whether defending the US constitution against all enemies, foreign or domestic, requires you to follow Snowden's example."

Symantec estimates "somewhere in the order of tens of thousands of devices" are infected with the virus, with infections largely focused on Brazil, China, and Mexico. Resetting a device is enough to restore the infection, but the firm warns that a router may become reinfected over time. "Symantec will be keeping a close eye on Linux.Wifatch and the activities of its mysterious creator," the post concludes. "Users are advised to keep their device’s software and firmware up to date."
Source: The Verge

rootkit yimWhat is a root kit? A root kit describes mostly malicious software with one main characteristic: the process tries to hide itself from the user by manipulating file, registry, and other important access queries which makes rootkits especially hard to detect.

Detection methods include using an alternative and trusted operating system, behavioral-based methods, signature scanning, difference scanning, and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem.
There are at least five types of rootkit, ranging from those at the lowest level in firmware (with the highest privileges), through to the least privileged user-based variants

kaspersky internet securityKaspersky is one of the top and most commonly used antiviruses but did you know that Kaspersky is far beyond being an antivirus.
Kaspersky Lab, the world’s largest independent security software company extends its product from the endpoint to your servers and gateways, and the unique integrated design approach means you can secure and control all your physical, virtual and mobile devices from a single central management console, whatever the size of your infrastructure.

Kaspersky boasts a comprehensive list of technologies, from encryption and mobile device management to patch management and license inventories. All work seamlessly together, supported by the cloud-based Kaspersky Security Network, to give customers the world-class protection they need to combat ever more sophisticated and diverse cyber threats.

As with any system written by humans there are bound to remain some vulnerabilities and one of the most common vulnerabilities for web systems are the SQL injections. To a normal user this may not seem like much but to a hacker this is the gateway to have control over entire site at worst even an entire server. So protecting your site from these attacks is quite essential and it should be a systemic design with security kept in mind from the ground up.

Locating sites vulnerable to SQL Injections is trivial and can be done using your favourite search engines, automated assessment tools like Acunetix and can also be observed by checking any input parameter of the target web application. Some common ways these vulnerabilities are added to seemingly secure content management systems like Joomla and WordPress is through use of vulnerable plugins.
Once you’ve located the vulnerability the next step is to exploit it. Exploitation can be done manually by the attacker using any browser of choice or it can be automated by tools such as havij.