http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2010-01-02 21:47:33 - 54f3.com WebSite Security Audit Scanning : Well, its happened This time, the users themselves have taken action against rockyoucom for their inadvertent disclosure of customer information As we previously reported, Rockyou was hacked and disclosed it looks like over 32,000,000 accounts Yes, 32 Million What is interesting about this case, for me anyways, isn t the large disclosure number 1 http://www.secuobs.com/revue/news/177566.shtmlhttp://www.secuobs.com/revue/news/177566.shtml Secuobs.com : 2009-12-22 22:26:32 - 54f3.com WebSite Security Audit Scanning - While I try and not to be so graphic with my comments, I can t help but feel CSI-que lately with all of these hack attacks So here we go again This time, its CITI Just reported today by marketwatchcom, Citigroups stock sank significantly based on the rumor that Citigroup suffered a hack attack that http://www.secuobs.com/revue/news/175053.shtmlhttp://www.secuobs.com/revue/news/175053.shtml Secuobs.com : 2009-12-22 18:31:27 - 54f3.com WebSite Security Audit Scanning - Back for the last entry of 2009, here are the latest updates in the security world Aweber announces its own incursion into its site, unnumbered number of email addresses pilphered AWeber was recently the victim of an intentional attack to mine email addresses We d like to take this opportunity to share what happened, what was and was http://www.secuobs.com/revue/news/174990.shtmlhttp://www.secuobs.com/revue/news/174990.shtml Secuobs.com : 2009-12-22 15:31:51 - 54f3.com WebSite Security Audit Scanning - Well, yet another selective I didn t inhale had no relationship hold on, sorry, wrong topic No, I m not going to discuss the twitter hack which wasn t , but I am picking on aweber today sorry guys , as a very special case example of why regular, coordinated and ongoing security scanning is absolutely mandatory when http://www.secuobs.com/revue/news/174923.shtmlhttp://www.secuobs.com/revue/news/174923.shtml Secuobs.com : 2009-12-17 17:30:28 - 54f3.com WebSite Security Audit Scanning - Well folks, its been a crazy week online this week Is it part of the holidays, or simply that more vulnerabilities are going unfixed and the hackers are finding more You be the judge We definitely think that there is a retribution slant to most of the major issues this week, specifically http://www.secuobs.com/revue/news/173422.shtmlhttp://www.secuobs.com/revue/news/173422.shtml Secuobs.com : 2009-12-17 17:30:28 - 54f3.com WebSite Security Audit Scanning - I came across a great question in LinkedIn this past week, and took the opportunity to document basically what it is, in a simple version Question What is an SEO poisoning attack SEO poisoning attacks are primarily attacks on popular websites using XSS or cross server scriptingIFrame viruses also act like this Iframe are the most dangerous viruses http://www.secuobs.com/revue/news/173421.shtmlhttp://www.secuobs.com/revue/news/173421.shtml Secuobs.com : 2009-12-16 21:02:51 - 54f3.com WebSite Security Audit Scanning - One big thing that is missing from this industry is empirical trend data that supports the TRUE risks and costs associated with hacking and malware infections To date, we ve written quite alot about customer-specific impacts when they are infected The results run the gambit of 1000 s of dollars of losses over time, loss http://www.secuobs.com/revue/news/172992.shtmlhttp://www.secuobs.com/revue/news/172992.shtml Secuobs.com : 2009-12-16 00:23:11 - 54f3.com WebSite Security Audit Scanning - Give us your malware and website hack experiences, comments and recommendations Survey Link Share on Facebook http://www.secuobs.com/revue/news/172461.shtmlhttp://www.secuobs.com/revue/news/172461.shtml Secuobs.com : 2009-12-11 20:57:53 - 54f3.com WebSite Security Audit Scanning - 54f3Com Now Scans for Malware Launched quietly last week, we are now scanning all websites for malware What does this mean to you Well, we now test each and every URL on your site for malware How Well, we use over 98,950 count at this point malware patterns for our testing We can test your code, http://www.secuobs.com/revue/news/171096.shtmlhttp://www.secuobs.com/revue/news/171096.shtml Secuobs.com : 2009-12-09 21:03:14 - 54f3.com WebSite Security Audit Scanning - Restaurants Sue Vendors after Point of Sale Attacks There s been a lot of coverage of the lawsuits against Heartland Payment Systems, a payment processor fined by both Visa and Mastercard for not being PCI-DSS compliant Now a class-action lawsuit by seven restaurants claims that dozens of restaurants may have become victims of card fraud because systems http://www.secuobs.com/revue/news/170299.shtmlhttp://www.secuobs.com/revue/news/170299.shtml Secuobs.com : 2009-12-08 22:39:43 - 54f3.com WebSite Security Audit Scanning - Leading Web Vulnerability and Malware Scanning Service 54f3Com www54f3com announced on Tuesday it has named Doug McDonald as the Vice President of Sales and Business Development The announcement follows 54F3com s recent launch of its Malware Detection Services in November With more than 15 years of experience under his belt, McDonald will be responsible for managing the http://www.secuobs.com/revue/news/169830.shtmlhttp://www.secuobs.com/revue/news/169830.shtml Secuobs.com : 2009-12-04 01:40:02 - 54f3.com WebSite Security Audit Scanning - Malware Infection, Cleanup and Vulnerability Analysis and Consulting Services ALERT TRUE STORY BELOW Want to understand how simple it is to secure your site Sure, we ll take a real customer example from this week to document the story Names and Certain Elements removed to protect confidentiality Context Large financial news information site that was recently infected several times Running an http://www.secuobs.com/revue/news/168423.shtmlhttp://www.secuobs.com/revue/news/168423.shtml Secuobs.com : 2009-12-02 21:20:44 - 54f3.com WebSite Security Audit Scanning - Malware Yes, its been around for many years However the attack vector has changed Long ago the primary distribution method was by sharing dirty data yes, exchanging floppy disks remember those days Then it went onwards into distributing viruses and malware via email this is the early days of outlook express Then, came the solutions http://www.secuobs.com/revue/news/167891.shtmlhttp://www.secuobs.com/revue/news/167891.shtml Secuobs.com : 2009-12-01 04:09:18 - 54f3.com WebSite Security Audit Scanning - Your password isn't 123456 , is it http://www.secuobs.com/revue/news/167009.shtmlhttp://www.secuobs.com/revue/news/167009.shtml Secuobs.com : 2009-11-05 21:30:52 - 54f3.com WebSite Security Audit Scanning - Whew After Denis told me about what he found, I was quite concerned After a little bit of digging, I was surprised, and somewhat thankful I suppose You see, in addition to hacking sites, and getting credentials, etc these dummies made a mistake in their coding and effectively broke themselves Which is just fine, since based http://www.secuobs.com/revue/news/157918.shtmlhttp://www.secuobs.com/revue/news/157918.shtml Secuobs.com : 2009-10-20 20:37:30 - 54f3.com WebSite Security Audit Scanning - Of course, we already know many good reasons to get added security for your website keeping your site safe and reliable, putting your customers at ease, and all of these kinds of things that I've said many times before The important thing right now is that the US Federal Trade Commission is offering you a new reason you could end up being fined http://www.secuobs.com/revue/news/152258.shtmlhttp://www.secuobs.com/revue/news/152258.shtml Secuobs.com : 2009-10-16 17:50:16 - 54f3.com WebSite Security Audit Scanning - If you ve been following the news lately or my Twitter you may have seen the article about broadband internet becoming a legal right in Finland Personally, I think this is a fantastic move Internet has become essential to our daily lives, it manages our social networking, it gives us our news, it brings us new http://www.secuobs.com/revue/news/151221.shtmlhttp://www.secuobs.com/revue/news/151221.shtml Secuobs.com : 2009-10-09 21:19:55 - 54f3.com WebSite Security Audit Scanning - Is it finally time to change your Windows http://www.secuobs.com/revue/news/149087.shtmlhttp://www.secuobs.com/revue/news/149087.shtml Secuobs.com : 2009-10-05 21:12:11 - 54f3.com WebSite Security Audit Scanning - If someone were to ask me, What would be the best way to find scam pages pretending to be real ones I would think that s an odd question, but afterward I would answer by searching whatever is trendiest Scammers and malware propagators try to quickly take advantage of the topic of the day and http://www.secuobs.com/revue/news/147558.shtmlhttp://www.secuobs.com/revue/news/147558.shtml Secuobs.com : 2009-10-01 20:49:09 - 54f3.com WebSite Security Audit Scanning - Should you have your website scanned It's a very simple question and one that you may have considered before Of course, you may conclude that no, you should not, because you have never had any problems Of course I have already discussed the argument that website security is a lot like insurance and that it's something that is there for when you need it except we don't charge exorbitant prices However, now a new study has come out to give you even more reason to have your site scanned http://www.secuobs.com/revue/news/146521.shtmlhttp://www.secuobs.com/revue/news/146521.shtml Secuobs.com : 2009-09-28 20:06:17 - 54f3.com WebSite Security Audit Scanning - Social network users are more vulnerable to security risks Don't get compromised http://www.secuobs.com/revue/news/145140.shtmlhttp://www.secuobs.com/revue/news/145140.shtml Secuobs.com : 2009-09-22 18:47:09 - 54f3.com WebSite Security Audit Scanning - 54F3 and RankHigherca, together at last http://www.secuobs.com/revue/news/143215.shtmlhttp://www.secuobs.com/revue/news/143215.shtml Secuobs.com : 2009-09-18 16:03:48 - 54f3.com WebSite Security Audit Scanning - Malware in ads This isn't good http://www.secuobs.com/revue/news/142204.shtmlhttp://www.secuobs.com/revue/news/142204.shtml Secuobs.com : 2009-09-15 18:49:28 - 54f3.com WebSite Security Audit Scanning - Every 36 seconds another website is infected is it yours http://www.secuobs.com/revue/news/141068.shtmlhttp://www.secuobs.com/revue/news/141068.shtml Secuobs.com : 2009-09-08 21:12:19 - 54f3.com WebSite Security Audit Scanning - Are you up to date wordpress hacked http://www.secuobs.com/revue/news/138777.shtmlhttp://www.secuobs.com/revue/news/138777.shtml Secuobs.com : 2009-09-03 21:47:33 - 54f3.com WebSite Security Audit Scanning - Everyone uses a password on the internet, whether it s for e-mail, games or even logging in to the 54F3 client area but how many different passwords are you using If you re a man, there s almost a 50pourcents chance that it s only one, according to a recent password security study http wwwtheregistercouk 2009 09 02 password_security_survey This same study reveals that only 26pourcents of women will do the same and yet the men were more aware of the possible risks involved http://www.secuobs.com/revue/news/137570.shtmlhttp://www.secuobs.com/revue/news/137570.shtml Secuobs.com : 2009-08-25 22:34:44 - 54f3.com WebSite Security Audit Scanning - Interesting report just came out http wwwitbusinessca it client en home Newsasp id 54291 PageMem 1 It reminds me of the basic challenges facing any vendor charged with managing security operations and or tools And this is information sharing The adage goes like this - OrgX gets hacked - OrgX gets into internal furball figuring out what to do - Leadership gets involved, checks the laws maybe - Realizes that in majority http://www.secuobs.com/revue/news/134334.shtmlhttp://www.secuobs.com/revue/news/134334.shtml Secuobs.com : 2009-08-18 16:46:41 - 54f3.com WebSite Security Audit Scanning - pci compliance dss breach http://www.secuobs.com/revue/news/131936.shtmlhttp://www.secuobs.com/revue/news/131936.shtml Secuobs.com : 2009-08-04 21:30:23 - 54f3.com WebSite Security Audit Scanning - In addition to our new office opening mid-late august , we re now regular contributors to the industry s largest and best webhosting and web business magazine - thewhircom See our first posting here http wwwthewhircom blog Jason_Remillard 080409_500k_CC_records_exposed_they_think http://www.secuobs.com/revue/news/127891.shtmlhttp://www.secuobs.com/revue/news/127891.shtml Secuobs.com : 2009-07-26 21:44:45 - 54f3.com WebSite Security Audit Scanning - Yet another instance of be careful about whom you do business with issue, our friends at NSI suspect over 1 2 a million customer data records were siphoned over a few months Reading between the lines, to me anyways, seems like they actually allowed this to run for a while, trying to learn what was actually gleaned http://www.secuobs.com/revue/news/124835.shtmlhttp://www.secuobs.com/revue/news/124835.shtml Secuobs.com : 2009-06-23 23:36:56 - 54f3.com WebSite Security Audit Scanning - The interview was more of a ‘retail’ one That is, the audience is thepublic at large vs business owners specifically, so we took it as a‘how to protect yourself’ interview I think it went well It wasalot of fun, and is challenging to be live with only 2 minutes tobrief the interviewer http://www.secuobs.com/revue/news/112865.shtmlhttp://www.secuobs.com/revue/news/112865.shtml Secuobs.com : 2009-06-12 21:33:53 - 54f3.com WebSite Security Audit Scanning - Hey Everyone… Just wanted to drop a quick note to talk about newerdevelopments @ 54f3com We just finished our migration from standarddedicated servers in 3 different data centers to the Amazon EC2 cloudI must say, it was very interesting, and to be honest, probably thebest move we’ve made It gives us really http://www.secuobs.com/revue/news/109158.shtmlhttp://www.secuobs.com/revue/news/109158.shtml Secuobs.com : 2009-06-09 18:46:23 - 54f3.com WebSite Security Audit Scanning - Of course, there are other mechanisms at play here, but the fact is thereare costs about financial when we speak about web security I feelfor everyone involved the customers, the hoster, and of course, thefamily of K T Ligeshhttp://wwwtheregistercouk/2009/06/09/lxlabs_funder_death/http://www.secuobs.com/revue/news/107519.shtmlhttp://www.secuobs.com/revue/news/107519.shtml Secuobs.com : 2009-06-05 19:41:06 - 54f3.com WebSite Security Audit Scanning - My friends at livelifelivefm picked up on the McAfee story a littlewhile ago, and we did a quick interview about it It was alot of fun,and was a good opportunity to talk about some real customer examples,and how 54f3com addresses them Of course, it was also an opportunityto crack a few jokes http://www.secuobs.com/revue/news/106306.shtmlhttp://www.secuobs.com/revue/news/106306.shtml Secuobs.com : 2009-06-03 19:40:30 - 54f3.com WebSite Security Audit Scanning - website security scanning and audit work - real examples - real businessissueshttp://www.secuobs.com/revue/news/105481.shtmlhttp://www.secuobs.com/revue/news/105481.shtml Secuobs.com : 2009-06-01 16:33:06 - 54f3.com WebSite Security Audit Scanning - I was reading a posting by Russ McRee recentlyhttp://holisticinfosecblogspotcom/2009/05/whitehats-trustmark-program-as-gamehtml,in regards to Jeremiah’s descision to lauch a seal program Icompletely agree with #2, and #3 I’m sure I would agree with #1 and 4as well if I knew him better We’ve found in our own practices very,very rare exceptions that http://www.secuobs.com/revue/news/104406.shtmlhttp://www.secuobs.com/revue/news/104406.shtml Secuobs.com : 2009-05-27 01:34:34 - 54f3.com WebSite Security Audit Scanning - 1 You really enjoy waking up in the morning with your coffee, hittingyour homepage, and finding a new page marketing ‘special offers’ for‘enhancement’ products… You spill your coffee, burn…ouch 2 You justlove getting a hosting bill showing your site had somehow managed touse 4 terabytes of data last month, even though your http://www.secuobs.com/revue/news/101886.shtmlhttp://www.secuobs.com/revue/news/101886.shtml Secuobs.com : 2009-05-20 19:11:01 - 54f3.com WebSite Security Audit Scanning - As just reported today at xssedcom, large adult entertainment sitebangbroscom has a cross site scripting vulnerability WARNING, NSFWLink: http://xssedorg/mirror/60796/ Gives new meaning to ‘phishing’and a whole host of other verbs I can think ofhttp://www.secuobs.com/revue/news/99502.shtmlhttp://www.secuobs.com/revue/news/99502.shtml Secuobs.com : 2009-05-17 06:55:26 - 54f3.com WebSite Security Audit Scanning - Check this news story out|Website Security Leader Struggles to SecureTheir Own Website http://bitly/xoO3D # Powered by Twitter Toolshttp://www.secuobs.com/revue/news/97413.shtmlhttp://www.secuobs.com/revue/news/97413.shtml Secuobs.com : 2009-05-15 10:51:42 - 54f3.com WebSite Security Audit Scanning - Just finished great sales call for a huge affiliate opportuntiy #Powered by Twitter Toolshttp://www.secuobs.com/revue/news/96714.shtmlhttp://www.secuobs.com/revue/news/96714.shtml Secuobs.com : 2009-05-15 10:51:42 - 54f3.com WebSite Security Audit Scanning - Check this news story out|Website Security Leader Struggles to SecureTheir Own Website http://bitly/xoO3Dhttp://www.secuobs.com/revue/news/96713.shtmlhttp://www.secuobs.com/revue/news/96713.shtml Secuobs.com : 2009-05-14 23:58:31 - 54f3.com WebSite Security Audit Scanning - Was reading a quick article today by Dan Sullivan regarding this topicand I agree completely However, I’d like to augment the statement toinclude that any proper scanner will be able to find your CMS styleand implementation versions I mean, its ok to know that you haveJoomla However, the versioning sub versions count http://www.secuobs.com/revue/news/96548.shtmlhttp://www.secuobs.com/revue/news/96548.shtml Secuobs.com : 2009-05-14 06:52:34 - 54f3.com WebSite Security Audit Scanning - Security experts and staff working on the Joint Strike Fighter programmeare concerned following a recent hacking incident on Pentagon computersystems This is the third such incident within the past two years andit marks the start of looking more closely at the organization’ssecurity compliance and web security scanning effortshttp://www.secuobs.com/revue/news/96222.shtmlhttp://www.secuobs.com/revue/news/96222.shtml Secuobs.com : 2009-05-14 06:52:34 - 54f3.com WebSite Security Audit Scanning - McAfee Site Flaw gets exposedhttp://www.secuobs.com/revue/news/96221.shtmlhttp://www.secuobs.com/revue/news/96221.shtml Secuobs.com : 2009-05-14 06:52:34 - 54f3.com WebSite Security Audit Scanning - http://wwwnewdesignworldcom/press/story/13078http://www.secuobs.com/revue/news/96220.shtmlhttp://www.secuobs.com/revue/news/96220.shtml Secuobs.com : 2009-05-14 06:52:34 - 54f3.com WebSite Security Audit Scanning - Yes, and this is a true story… 1,000’s of flaws found…http://datingwebsitesquebecbloguecom/2009/04/30/website-compliance-tightens-after-pentagon-computer/http://www.secuobs.com/revue/news/96219.shtmlhttp://www.secuobs.com/revue/news/96219.shtml Secuobs.com : 2009-05-14 06:52:34 - 54f3.com WebSite Security Audit Scanning - http://wwwreadwritewebcom/archives/mcafee_enabling_malware_distribution_and_fraudphpYes, and the issue continued unabatedeven worse, some of thesecurity referring blogs had the same issuehttp://www.secuobs.com/revue/news/96218.shtmlhttp://www.secuobs.com/revue/news/96218.shtml Secuobs.com : 2009-05-14 06:52:34 - 54f3.com WebSite Security Audit Scanning - I like it when writers actually put a little bit of effort into theirwork…bravohttp://wwwthewhircom/web-hosting-news/042809_Pentagon_Hack_Highlights_Web_Securityhttp://www.secuobs.com/revue/news/96217.shtmlhttp://www.secuobs.com/revue/news/96217.shtml Secuobs.com : 2009-05-14 06:52:34 - 54f3.com WebSite Security Audit Scanning - I’ve been reading Jeremiah’s blog for a while now, and couldn’t resistcommenting and re-reading some of the issues listed on his page It isinteresting reading, and matches up closely with my own experience inthe enterprise ‘core’ security consulting arena Go ahead, readup…some good and funny stuff in therehttp://jeremiahgrossmanblogspotcom/2009/05/8-reasons-why-website-vulnerabilitieshtmlhttp://www.secuobs.com/revue/news/96216.shtmlhttp://www.secuobs.com/revue/news/96216.shtml Secuobs.com : 2009-05-14 06:52:34 - 54f3.com WebSite Security Audit Scanning - Computer security and antivirus software giant McAfee is dealing with amajor security breach documented from website investigators this pastweekhttp://www.secuobs.com/revue/news/96215.shtmlhttp://www.secuobs.com/revue/news/96215.shtml