[News] At Least 20,000 Web Sites Compromised in March - Linux

This is a discussion on [News] At Least 20,000 Web Sites Compromised in March - Linux ; Hackers Tuck Attack Code Into UK Government Site ,----[ Quote ] | Trend Micro's Web site was one of up to 20,000 sites discovered in mid-March | where hackers found a weakness in the server's security that allowed them to ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: [News] At Least 20,000 Web Sites Compromised in March

  1. [News] At Least 20,000 Web Sites Compromised in March

    Hackers Tuck Attack Code Into UK Government Site

    ,----[ Quote ]
    | Trend Micro's Web site was one of up to 20,000 sites discovered in mid-March
    | where hackers found a weakness in the server's security that allowed them to
    | implant malicious JavaScript.
    `----

    http://www.pcworld.com/article/id,14...1/article.html

    The real number is probably far greater, so before the munchkins ridicule for
    PHP-based application coding bugs, they ought to be aware that Windows servers
    are affected without exception, as reported in the news many times already.


    Yesterday:

    Trend, Sophos and McAfee flunk Vista SP1 anti-virus tests

    ,----[ Quote ]
    | Top tier anti-virus vendors including McAfee, Trend Micro, and Sophos all
    | failed to secure Windows Vista SP1 in recent independent tests.
    `----

    http://www.theregister.co.uk/2008/04..._sp1_av_tests/


    3 days ago:

    New Zealand teenager convicted over international cyber crime ring

    ,----[ Quote ]
    | Owen Thor Walker, 18, known by his online name "AKILL," was involved in a
    | network accused of infiltrating 1.3 million computers and skimming millions
    | of dollars from victims' bank accounts. *
    `----

    http://news.smh.com.au/new-zealand-t...0301-1vzs.html


    Internet has a garbage problem, researcher says

    ,----[ Quote ]
    | Somewhere between 1 percent and 3 percent of all traffic on the Internet is
    | meaningless packets of information, used in distributed denial of service
    | attacks (DDOS) to knock Web sites offline. *
    `----

    http://www.linuxworld.com.au/index.php/id;1488056707


    No April Fools'--Storm worm is back

    ,----[ Quote ]
    | The compromised computer will then install the downloaded file as C:
    | \WINDOWS\aromis.exe. Nazario reports that the botnet file opens the firewall
    | using the netsh firewall set command, makes a lot of outbound connections,
    | then listens on a random UDP port. *
    `----

    http://www.news.com/8301-10789_3-990...=2547-1_3-0-20


    Last week:

    With Vista breached, Linux unbeaten in hacking contest

    ,----[ Quote ]
    | The MacBook Air went first; a tiny Fujitsu laptop running Vista was hacked on
    | the last day of the contest; but it was Linux, running on a Sony Vaio, that
    | remained undefeated as conference organizers ended a three-way computer
    | hacking challenge Friday at the CanSecWest conference. *
    `----

    http://www.linuxworld.com/news/2008/...rss-linux-news


    Recent:

    What spooks Microsoft's chief security advisor

    ,----[ Quote ]
    | Speaking at the Boston SecureWorld conference Wednesday, the 19-year
    | Microsoft veteran whose job includes protecting enterprises, developers and
    | Microsoft itself said there actually is plenty of good news on the security
    | front. For example, his outfit scans a half million devices (with customer
    | permission) per month and in the first half of last year saw the first
    | period-over-period decline in new vulnerabilities disclosed across Microsoft
    | and non-Microsoft software since 2003. * * *
    |
    | However, 3,400 new vulnerabilities were discovered and “it’s still a big
    | number,” Arsenault says. “So if vulnerability rates are down, where are
    | they?” *
    `----

    http://www.networkworld.com/news/200...-concerns.html


    Websense Security Labs first to discover vulnerability within Microsoft Office

    ,----[ Quote ]
    | This vulnerability allows code execution within an Excel document without the
    | knowledge of the user.
    `----

    http://www.itweb.co.za/sections/soft...20Watch&O=FPIN


    Bots rule in cyberspace

    ,----[ Quote ]
    | USA TODAY REPORTS that on an average day, 40 per cent of the 800 million
    | computers connected to the Internet are bots used to send out spam, viruses
    | and to mine for sensitive personal data. *
    `----

    http://www.theinquirer.net/gb/inquir...ule-cyberspace
    http://www.usatoday.com/tech/news/co...-botnets_N.htm

  2. Re: [News] At Least 20,000 Web Sites Compromised in March

    Roy Schestowitz espoused:
    > Hackers Tuck Attack Code Into UK Government Site
    >
    > ,----[ Quote ]
    >| Trend Micro's Web site was one of up to 20,000 sites discovered in mid-March
    >| where hackers found a weakness in the server's security that allowed them to
    >| implant malicious JavaScript.
    > `----
    >
    > http://www.pcworld.com/article/id,14...1/article.html
    >
    > The real number is probably far greater, so before the munchkins ridicule for
    > PHP-based application coding bugs, they ought to be aware that Windows servers
    > are affected without exception, as reported in the news many times already.
    >


    What on earth are HMG doing using Windows servers? They're expensive,
    unreliable, insecure, and, well, expensive. Linux is inexpesive, highly
    reliable, and far far more secure. This is not one of those complicated
    management decisions - even MBA types should be able to do this one...

    --
    | mark at ellandroad dot demon dot co dot uk |
    | Cola faq: http://www.faqs.org/faqs/linux/advocacy/faq-and-primer/ |
    | Cola trolls: http://colatrolls.blogspot.com/ |
    | Open platforms prevent vendor lock-in. Own your Own services! |


  3. Re: [News] At Least 20,000 Web Sites Compromised in March

    ____/ Mark Kent on Thursday 17 April 2008 15:19 : \____

    > Roy Schestowitz espoused:
    >> Hackers Tuck Attack Code Into UK Government Site
    >>
    >> ,----[ Quote ]
    >>| Trend Micro's Web site was one of up to 20,000 sites discovered in
    >>| mid-March where hackers found a weakness in the server's security that
    >>| allowed them to implant malicious JavaScript.
    >> `----
    >>
    >> http://www.pcworld.com/article/id,14...1/article.html
    >>
    >> The real number is probably far greater, so before the munchkins ridicule
    >> for PHP-based application coding bugs, they ought to be aware that Windows
    >> servers are affected without exception, as reported in the news many times
    >> already.
    >>

    >
    > What on earth are HMG doing using Windows servers? They're expensive,
    > unreliable, insecure, and, well, expensive. Linux is inexpesive, highly
    > reliable, and far far more secure. This is not one of those complicated
    > management decisions - even MBA types should be able to do this one...


    They need to be able to /SUE/ someone if something goes wrong, remember? That's
    their selection criterion. And by the way, Linux is not different in that
    respect, but myths and perception stymie adoption where the
    propaga^Hliterature and pamphlets took over.

    --
    ~~ Best of wishes

    Roy S. Schestowitz | Windows: innovative VTP technology (Virus Transfer
    Protocol)
    http://Schestowitz.com | RHAT Linux | PGP-Key: 0x74572E8E
    00:05:01 up 2 days, 22:17, 3 users, load average: 0.75, 0.95, 1.14
    http://iuron.com - Open Source knowledge engine project

  4. Re: [News] At Least 20,000 Web Sites Compromised in March

    Roy Schestowitz espoused:
    > ____/ Mark Kent on Thursday 17 April 2008 15:19 : \____
    >
    >> Roy Schestowitz espoused:
    >>> Hackers Tuck Attack Code Into UK Government Site
    >>>
    >>> ,----[ Quote ]
    >>>| Trend Micro's Web site was one of up to 20,000 sites discovered in
    >>>| mid-March where hackers found a weakness in the server's security that
    >>>| allowed them to implant malicious JavaScript.
    >>> `----
    >>>
    >>> http://www.pcworld.com/article/id,14...1/article.html
    >>>
    >>> The real number is probably far greater, so before the munchkins ridicule
    >>> for PHP-based application coding bugs, they ought to be aware that Windows
    >>> servers are affected without exception, as reported in the news many times
    >>> already.
    >>>

    >>
    >> What on earth are HMG doing using Windows servers? They're expensive,
    >> unreliable, insecure, and, well, expensive. Linux is inexpesive, highly
    >> reliable, and far far more secure. This is not one of those complicated
    >> management decisions - even MBA types should be able to do this one...

    >
    > They need to be able to /SUE/ someone if something goes wrong, remember? That's
    > their selection criterion. And by the way, Linux is not different in that
    > respect, but myths and perception stymie adoption where the
    > propaga^Hliterature and pamphlets took over.
    >


    Indeed, but that can readily be achieved by having an independent
    integrator and/or support house. Having Windows as the OS is pretty
    much irrelevant to the "whom do I sue?" question.

    --
    | mark at ellandroad dot demon dot co dot uk |
    | Cola faq: http://www.faqs.org/faqs/linux/advocacy/faq-and-primer/ |
    | Cola trolls: http://colatrolls.blogspot.com/ |
    | Open platforms prevent vendor lock-in. Own your Own services! |


+ Reply to Thread