-
Apache web servers targeted by stealthy 'Cdorked' malware
Security researchers have discovered a new Apache web server backdoor that is so stealthy it leaves almost no trace of its redirection behaviour on the hard drive or in server log files.
-
Apache servers ambushed by sophisticated backdoor attacks
Researchers at Sucuri and Eset say the attacks, which delivers the Blackhole malware kit to site visitors, leaves no trace on servers
-
Web server hackers install rogue Apache modules and SSH backdoors, researchers say
A group of hackers that are infecting Web servers with rogue Apache modules are also backdooring their Secure Shell (SSH) services in order to steal login credentials from administrators and users.
-
Unprotected Apache server status pages put popular websites at risk
Many Apache Web servers, including those hosting some popular websites, expose information about the internal structure of the sites they host, the IP (Internet Protocol) addresses of their visitors, the resources users access and other potentially sensitive details because their status pages are left unprotected.
Get exclusive access to CSO, invitation only events, reports & analysis. - 1
Bank trojan targets users of Bitcoin exchange Mt Gox
- 2
Australian Information Security Association issues blunt warning as National Cyber Security Awareness Week begins
- 3
Review: Mobile Device Management
- 4
ACMA database keeps finger on Australia’s malware pulse
- 5
The week in security: Aussie banks targeted as mobiles drive privacy fears
- FTSenior Python DeveloperNSW
- FTSenior Python DeveloperNSW
- FTR&D EngineerSA
- FTQuality ManagerSA
- FTTest Analyst (MS Environment) .netNSW
- FTOS Web Applications DeveloperNSW
- FTTest EngineerVIC
- FTFlash / ActionScript Developer - ContractNSW
- FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
- FTTest Analyst (MS Environment) .netNSW
- FT.NET - Sitecore Developer - Melbourne - PermNSW
- FTSenior Python Web Applications DeveloperNSW
- FTLead Software EngineerSA
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.
