A test run by Domain Incite on the domains of companies on Deloitte’s list of top-1oo brands shows that even though these firms spend millions on their IT operations, 4 of the 100 have domains with serious security problems. The blog did not list the vulnerable sites, but mentioned that …
Read More »Hungarian police seize 50 servers in piracy raid
Budapest police conducted a raid late last week targeting torrent sites. Visiting several hotels and a technical college, it seized 50 servers containing 500 TB of data. According to police, some of the data was used to aid in the illegal distribution of copyrighted material. Many of Hungary’s BitTorrent sites …
Read More »ICANN publishes report on seedy registrars
ICANN, which seems to be cracking down on rule-breaking registrars lately, has published a new report criticizing a number of well-known registrars for unwholesome practices. Some of the firms mentioned in the document include UK2, Tucows, France Telecom, Enom and AOL. Among other things, ICANN lashed out against several of …
Read More »Server Attacked? Fight Back
Tehtri Security research Laurent Oudot has determined that most people who attack servers get their hacking software from freely available malware kits on the Web, rather than creating their own custom scripts. These kits often contain poorly written code that can itself be exploited. What does all of that mean …
Read More »How to Enable/Disable Root Login in SSH
Question: I have heard that enabling root login in SSH can be a security risk. Is that true, and if so, how do I disable it? Answer: The truth is that having root logins enabled is not in itself a security risk. The real risk comes from having an easily …
Read More »Bill could give United States right to seize Internet
Senator Joe Lieberman has introduced a bill to Congress that if enacted, would give the American government broad powers to direct Internet policy and seize control of critical infrastructure during emergencies. Called the Protecting Cyberspace as a National Asset Act (PCNAA), this legislation could effectively give the government control over …
Read More »Joomla Security Tips Part 4
Here are a few more Joomla security tips to help you make sure your Joomla installation is rock-solid. 1. Create strong passwords. You should change your administration password often and use a combination of upper and lowercase letters and numbers. Avoid using dictionary words, and make sure your password is …
Read More »Anti-phishing domain assurance and email authentication auditing
A new way of blocking unwanted emails through domain assurance and email authentication has been developed by reputation management services provider, Return Path. Until now, anti-phishing email authentication measures were far from perfect, with some businesses even afraid of not receiving wanted mail. The new process of Domain Assurance developed …
Read More »Thousands of Fake YouTube Pages Deliver Malware
Want to see a revealing video about the Gulf oil spill or the NBA Finals? Apparently thousands of Web users do, and many of them are being lured to video sites that look just like Google’s YouTube. But rather than playing the videos immediately, clicking “play” prompts the user to …
Read More »Security: Windows and Linux Executables
Servers handle command and application execution differently, depending on the operating system. From a security perspective, executable files should be tightly controlled. Only the server administrator should be allowed to install and run executables, and the server should not respond to file execution from within unauthorized directories. On a Windows …
Read More »