Security Alerts & News
by Tymoteusz A. Góral

#1784 Phishing made easy: Time to rethink your prevention strategy? (PDF)
By examining a phishing campaign, researchers at the Imperva Defense Center have uncovered new ways cybercriminals are leveraging compromised servers to lower the cost of phishing. Phishing is the starting point for most network and data breaches. The campaigns run mostly from compromised web servers and distribute all kinds of malware including ransomware. In this report, we present the different tools used to compromise web servers, phishing platforms offered as a service, fi nancial motivations and the business models of phishing campaigns. We also highlight the importance of intelligence sharing which helped attribute with high confi dence the phishing campaign to a group of known cybercriminals.

Phishing campaigns are often orchestrated from compromised web servers while hosting providers and businesses remain totally unaware of the malicious activity. Compromised web servers used in Phishing as a Service (PhaaS) platforms signifi cantly lower the costs of a phishing campaign and help the cybercriminals hide their tracks. The 2016 Verizon Data Breach Investigations Report (VZ DBIR) documents a signifi cant increase in phishing success over 2015 primarily due to human factors. Endpoint protection mechanisms have failed to contain the spread of malware. If more web servers are hardened, there is a good chance the phishing threat can be mitigated.

The best way to protect web servers from being compromised is to deploy web application fi rewalls (WAFs) that can detect and block advanced injection techniques. The phishing-based malware distribution mechanism relying on compromised servers can be contained only by increasing the security on web servers. If WAFs were deployed as ubiquitously as network fi rewalls, the cybercriminal industry would be seriously crippled.
Read more
#1785 Buffer overflow in BSD libc library patched
#1784 Phishing made easy: Time to rethink your prevention strategy? (PDF)
#1783 Phishing-as-a-service is making it easier than ever for hackers to steal your data
#1782 Millions exposed to malvertising that hid attack code in banner pixels
#1781 Hackers gamify DDoS attacks with collaborative platform
#1780 Critical vulnerability patched in Roundcube webmail
#1779 Backdoor accounts found in 80 Sony IP security camera models
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12