Why run a DDoS-for-hire service? Easy money
Who run so-called ‘booter’ services that are used to knock out websites and are sometimes used for extortion? Young males. Why? Easy money.
Who run so-called ‘booter’ services that are used to knock out websites and are sometimes used for extortion? Young males. Why? Easy money.
Attackers exploiting the Shellshock vulnerability that was discovered in a widely used component of Mac OS X, Linux and Unix had infected by Thursday hundreds of systems with exploratory malware.
Antone Gonsalves | 26 Sep | Read more
System administrators rushing to fix the highly publicized Heartbleed vulnerability may have introduced the flaw into unaffected websites, a security researcher says.
Antone Gonsalves | 13 May | Read more
After only a few days, the Internet is still buzzing with news surrounding CVE-2014-0160, better known as the Heartbleed vulnerability. CSO has compiled the following information in order to help administrators and security teams understand the issue, determine their risks, and if needed, fix the problem.
Steve Ragan | 11 Apr | Read more
In light of overall low adoption of HTTP security headers, Mozilla is advising webmasters to at least implement X-Frame-Options on their sites, arguing that this header can prevent several types of attacks.
Lucian Constantin | 12 Dec | Read more
The number of DDoS (distributed denial-of-service) attacks that target weak spots in Web applications in addition to network services has risen during the past year and attackers are using increasingly sophisticated methods to bypass defenses, according to DDoS mitigation experts.
Lucian Constantin | 22 Oct | Read more
Chinese hackers are using an automated tool to exploit known vulnerabilities in Apache Struts, in order to install backdoors on servers hosting applications developed with the framework.
Lucian Constantin | 14 Aug | Read more
The World Wide Web Consortium has rejected an attempt by the advertising industry to hijack a specification describing how websites should respond to "do not track" requests sent by Web browsers.
Loek Essers | 16 Jul | Read more
Hackers are actively exploiting a critical vulnerability in the Ruby on Rails Web application development framework in order to compromise Web servers and create a botnet.
Lucian Constantin | 29 May | Read more
The development team behind the popular Nginx open-source Web server software released security updates on Tuesday to address a highly critical vulnerability that could be exploited by remote attackers to execute arbitrary code on susceptible servers.
Lucian Constantin | 08 May | Read more
A group of hackers that are infecting Web servers with rogue Apache modules are also backdooring their Secure Shell (SSH) services in order to steal login credentials from administrators and users.
Lucian Constantin | 24 Jan | Read more
Change in any industry involves conflict. Evolution and revolution in tech this year took place not only in the marketplace but also in the courtroom, the factory, and on the Web. Here are the top news stories of 2012 as selected by the editors of the IDG News Service.
Marc Ferranti | 10 Dec | Read more
Many Apache Web servers, including those hosting some popular websites, expose information about the internal structure of the sites they host, the IP (Internet Protocol) addresses of their visitors, the resources users access and other potentially sensitive details because their status pages are left unprotected.
Lucian Constantin | 01 Nov | Read more