Tuesday, March 28, 2017

Some clues that you’ve been hacked


Image result for clues that you’ve been hacked
Image source: medium.com

Hacking is one of the most unfortunate realities that any individual or entity has to face in this age of internet dependence. It is such an infamous, dreaded phenomenon because it is also one of the most subtle threats out there. However, an incident of hacking leaves traces that you may observe from the view at your work station.

One of the classic signs of hacking is an application installed in your PC which you are certain that you didn’t download. This happens when you unknowingly allow a program to do changes on your computer. There are many ways by which you can be tricked into this. One example is that of a window with a clickable button that takes the form of something familiar, like the close button on what looks like an otherwise trusted window.

Image result for clues that you’ve been hacked
Image source: ciotech.us

Yet another sign that you might be hacked is when you get emails from people whom you do not know. This means that somehow, your email address has circulated outside of the usual places. This makes you a target of malicious programs.

One of the most glaring signs of hacking is when you are alerted to credit card purchases which you are also certain you did not make. This is very frightening, and having your PC or mobile phone cleaned becomes secondary. Calling your credit card company to cancel your card should be the priority response.

Hackers will always be there to challenge the most secure solutions in web security. It’s a good thing that the good guys who protect us are some of the most brilliant innovators in the field.

Founded in 2008, SiteLock has been serving a worldwide customer base of more than 8 million with the technology that deters the biggest security threats on the web. For the latest in web security, please visit their website.

Friday, March 24, 2017

Cross-site scripting: A significant web security risk

Image source: nowhere.net

At the start of the year, around 1,600 WordPress plugin vulnerabilities were analyzed over the course of 14 months. It was discovered that 46.97 percent of these were prone to cross-site scripting (XSS) attacks.

According to a study by Symantec in the second half of 2007, there were 11,253 site-specific cross-site scripting vulnerabilities documented, a figure considerably higher than the 2,134 traditional vulnerabilities recorded during the same period.

XSS is a security vulnerability that enables hackers to inject malicious, client-side scripts in trusted websites. By doing so, an unsuspecting user who accessed the web-based application will unwittingly execute the code or script, allowing the attacker to view and manipulate sensitive page content, session contents, authorization cookies, and other information retained by the browser on behalf of the user.

Image source: tripwire.com

The hacker will then be able to use the victim’s credentials to access the website. If the website contains sensitive information, such as credit card data, the hacker can steal the information. He can also gain administrator privileges on the website, should he be able to successfully inject a code that the web host or owner clicks on.

These are just some of the consequences of XSS attacks; the effects of this vulnerability range from trivial nuisances to significant web security risks.

Founded in 2008, blog to learn more about the industry.