Posts Tagged ‘phishing attack’

Cyber security 2014
Cyber Security: Hot Weekly News – September 19, 2014

#1. Virus Citadel has become an instrument for making targeted attacks

Banking Trojan got a number of new features and is currently used in the attacks on the Middle East petrochemical companies.

Hackers who commit targeted attacks, began to use an improved version of the malware Citadel to conduct cyber attacks on several Middle Eastern petrochemical companies. This is reported by researchers at Trusteer.

According to head of Trusteer Corporate Security Dana Tamir, the affected companies received notice that they being targeted cyber attack. (more…)

Vulnerability

XSS-attacks

Hosters say about a significant increase in the number of XSS-attacks.

According to statistics from hosting company Firehost, the number of XSS-attacks on websites in the last quarter of 2012 soared by 160% from the same period of 2011. According to the company, out of 64 million detected and blocked attacks, some 2.6 million was attributable to attacks such as cross-site scripting. Quarter before it was discovered just over a million XSS-attacks.

Under these types of attacks Firerost understand three basic types of attack: directory traversal, SQL-injection and cross-site request fake (CSRF). The share of these three main types of attacks have 15.16 percent of the attacks, and 12, respectively.

Firehost notes that XSS-attack – is the base type of attacks used by hackers. It works by placing malicious code on insecure pages, and allows users to manipulate the actions of the attacked site. However, despite its base, this type of attack can have a wide range of applications: from deface the site to a phishing attack. (more…)