Website Protection

Website Protection
wordpress website joomla malcious scripts malware hacking hacker
Brand ProtectionHackingFinancial MalwareWebsite Protection

New Malicious Script poses threat to WordPress and Joomla-based websites

By
January 20, 2020

Cyber-security researchers are warning owners of Joomla and WordPress websites…

fdlp defacement iran us wars cyber attack cyber crime iranian hackers hacker
Brand ProtectionHackingFinancial MalwareWebsite Protection

Attack by Iranian hackers on US Government Domain raises concerns about cyber defense

By
January 10, 2020

  Aptly timed.   Two words that sum up this…

Malware and Adware Attacks Using WP Plugins
Brand ProtectionFinancial MalwarePhishingDigital Risk ProtectionWebsite Protection

Malware and Adware Attacks Using WP Plugins

By
August 1, 2019

With each passing day, cases of WordPress infection that redirects…

Website Vulnerability
Financial MalwareDigital Risk ProtectionWebsite Protection

SC Capital Website Vulnerability Almost Leaked Entire Database

By
May 4, 2019

The city of Columbia site had a security flaw in…

Magento PayPal
Fraud PreventionThreat IntelligenceWebsite Protection

Hackers abuse Magento PayPal integration to test validity of stolen credit cards

By
April 5, 2019

Hacker groups and online fraudsters are mishandling a component of…

Protecting your Website against Cyber Attacks
HackingFinancial MalwareDigital Risk ProtectionWebsite Protection

Protecting your Website against Cyber Attacks

By
January 2, 2019

For an individual or any business their website and its…

IBM WebSphere is a software framework and middleware that hosts Java-based web applications. This means that it’s similar to Adobe’s Flash Player, in a way that it allows Java-based applications to run on a web browser. This also means that since it hosts Java-based content, any and all information on sessions involving such applications will be taken note of, until the next time that the Java application is accessed. This threat is performed through inserting Java-based code on an application being ran, and this code is enough to send copies of information that’s been input towards a different location. For example: you’re playing a Java-based game on your browser and made an in-game purchase. For these purchases to take effect, you will have to input your credit card information, as well as other personal information that they will keep on file. If the vulnerabilities on WebSphere have been exploited, a code has already been inserted towards the page wherein you input the said information, and sends copies of It to a location where the perpetrator has access to, hence, immediately putting your financial security at risk. This is a form of injected phishing that targets a specific platform, and millions have been victims of such an activity. The reported affected versions of WebSphere are as follows: IBM WebSphere Application Server 9.0 versions prior to 9.0.0.10, with an interim fix on version 9.0.0.9 that has since been attacked IBM WebSphere Application Server 8.5 versions prior to 8.5.5.15, with an interim fix on version 8.5.5.14 that has since been attacked IBM WebSphere Application Server 8.0 versions prior to 8.0.0.15 IBM WebSphere Application Server 7.0 versions prior to 7.0.0.45 The interim fixes have been attacked primarily due to government institutions making use of this platform. This issue is due to the unsafe handling of JAVA object de-serialization through the SOAP connector. An attacker can exploit this issue by sending a specially crafted object through the SOAP connector. Upon successful exploitation, the attacker can then have full privileges on the platform, which allows them to edit, create, delete and export data with no inhibitions. That’s a major threat. There are several preventive measures that we can apply to try and mitigate the damage this can cause: Upgrade to the latest version of IBM WebSphere Application Server Verify no unauthorised system modifications have occurred before applying any patches Apply the principle of Least Privilege to all systems and services Remind users not to visit websites or follow links that come from untrusted sources These are not absolute fixes, but these can help reduce the risk of being exposed to this vulnerability. Until IBM designs a vaccine for this threat, this would be our best course of action.
Fraud PreventionFinancial MalwareWebsite Protection

IBM WebSphere Application Vulnerability Remote Code Execution

By
December 15, 2018

IBM WebSphere is a software framework and middle ware that…

Trusted and Recommended web security Add-on by Firefox discovered to be a Spyware
Brand ProtectionFraud PreventionRisk and ComplianceWebsite Protection

Firefox add-on discovered to be Spyware

By
October 15, 2018

Mozilla has removed an web security add-on from the recommended…

Growing Impact of Cybercrime | Cybercriminals | Cybercrime Solutions
HackingFinancial MalwarePhishingDigital Risk ProtectionData BreachWebsite Protection

Growing Impact of Cybercrime

By
September 27, 2017

How deeply rooted is cybercrime? Cybercrime has been rampant since…

Cyber Data Theft
Brand ProtectionDigital Risk ProtectionData BreachWebsite Protection

Cyber Data Theft: How it could affect your business

By
August 16, 2017

Lately the popular cable and satellite TV network HBO has…