New vulnerability for WPTouch Wordpress plug-in

A research team found a very serious vulnerability in the WPTouch Plugin for WordPress that allows an attacker to upload files remotely to websites running the plugin that have not updated to VERSION 3.4.3 (the version the WPTouch team just put out to patch the vulnerability). This vulnerability may be very userful for an attacker to upload malicious contents in your websites.

In order to secure your website if you’re using the WPTouch Plugin (and over 5 million sites are), make sure to update the plugin immediately.

To detect malicious contents in your websites you can use CloudWALL MDS | Malware Detection Service but if you are interested to prevent your website to be vulnerable to next threats you may consider CloudWALL WAF | Web Application Firewall that allow to protect your websites from any network and application level attack.

Find more details at www.cloudwall.tk/mds.

Read More

Think twice before selling your smartphone!

A study published last week by Avast (AVST) suggests the vulnerability of Android smartphones goes beyond malware. As it turns out, wiping the devices fails to remove sensitive data.

Avast is in the business of selling security software, so anything the company says about smartphone security should be taken with a grain of salt. Still, the evidence that Avast offered is shocking and should serve as a wake-up call, especially to those who are selling their Android smartphone in preparation for buying the next must-have mobile device.

Avast purchased 20 used smartphones that sellers assumed had been wiped of personal data because they used Android’s “Factory Reset” option. This is what was found:

• 40,000+ photos
• More than 1,000 Google searches
• 750+ e-mails
• 250+ contacts
• The personal identity of four of the previous device owners
• One completed loan application

While this sample might not be representative of what data you have on your mobile phone, it serves as a stark reminder that selling your smartphone comes with risks. And this may be just the tip of the iceberg when it comes to smartphone security issues.

This is a security issue affecting not only personal users, but also corporates and enterprises that allow access to their confidential data both from corporate owned and BYOD devices. And this is also the reason why at CloudWALL Italia we are offering CloudWALL MDM | Mobile Device Management that allow to secure sensitive data on mobile devices.

CloudWALL MDM | Mobile Device Management offloads IT organizations from the arduous task of managing and securing corporate- and employee-owned mobile devices (BYOD). CloudWALL MDM | Mobile Device Management provides IT administrators with a rich set of capabilities to secure and manage both small and large-scale deployments of business and personal mobile devices. Our solutions offer organisations real-time visibility and control of connected mobile devices from a single administrative console.

Find more details at www.cloudwall.tk/mdm.

Read More

CNET attacked by Russian hackers

Russian hacker group that has attacked some of the biggest news and business sites in the world claims it penetrated CNET's website over the weekend and stole a database of registered reader data.

A representative from the group calling itself W0rm told CNET News in a Twitter conversation that it stole a database of usernames, emails, and encrypted passwords from CNET's servers.

W0rm is claiming that the database of stolen information includes data on more than 1 million users.

A CBS Interactive spokeswoman said that "a few servers were accessed" by the intruder. "We identified the issue and resolved it a few days ago. We will continue to monitor," for potential impact, she said.

W0rm said it found its way into CNET's servers through a security hole in CNET.com's implementation of the Symfony PHP framework, a popular programming tool that provides a skeleton on which developers can construct a complex website.

Once again, application level attacks are demonstrating to be for hackers an effective way to have unauthorized access to published web applications and services. 

This is why CloudWALL Italia is offering CloudWALL WAF | Web Application Firewall that allow to protect your web sites and web application from application level attacks aimed to have unauthorized access to sensitive data working behind of your systems. 

CloudWALL WAF | Web Application Firewall protects Web applications at the very edge of the Internet as opposed to inside the datacenter. Our solution shields an organization’s network from the growing number of application-layer attacks and prevents the loss of valuable corporate and customer data. In addition to proven attack defenses, the CloudWALL WAF | Web Application Firewall aids in compliance with information security regulations, such as PCI-DSS.

Find more details at www.cloudwall.tk/waf .

Read More

Hotel Hippo booking site taken down

HotelHippo has been taken offline after security expert finds various flaws in its IT systems. A hotel booking site has been condemned by a security expert after leaving users personal details easily accessible to hackers. Scott Helme, an information security consultant, uncovered several flaws in the HotelHippo site while trying to book accommodation for a trip to the Lake District.

They included the presence of an SQL injection vulnerability on the site, as well as PCI compliance breaches and HTTPS configuration issues. He was able to test this out further by creating several bookings featuring fake credit card data, which he stressed was information that was irretrievable when pulling out other people’s bookings. Once a booking is made, the site then emails users confirmation of the transaction, which Helme discovered could potentially provide cyber criminals with the ammunition needed to launch a convincing phishing attack.

This is just the last case when high severity vulnerabilities are found in web applications and web sites. This is why at CloudWALL Italia we offers an innovative platform to perform automated security tests against any website as well as web and mobile applications.

CloudWALL WAS | Web Application Security is a Cloud service you use through your browser, so there’s no software to install or maintain. You can accurately and efficiently test your apps, no matter where they are – on internal networks, hosted on the Internet or in Cloud platforms such as Amazon. Relied on by leading companies with some of the most demanding web apps in the world, CloudWALL WAS | Web Application Security will help you safeguard your apps, whether you have just a few apps or many thousands.

Find more details at www.cloudwall.tk/was .

Read More

Microsoft takes offline 4M Malicious Websites

Microsoft has gotten pretty good at using the legal system to combat the spread of malware and online fraud. It appears, however, that they need to work on their finesse game a little. In their latest assault, the collateral damage knocked around 4 million sites offline.

It all started after a Nevada court temporarily gave Microsoft control of 23 domains belonging to No-IP.com. In case you’re not familiar with No-IP, it’s a service that assigns static subdomain and domain names to dynamic IP addresses. Geeky types like us often use them to make remotely accessing servers that we run at home (only in accordance with our ISPs TOS, of course).

Malware authors, however, like to leverage services like No-IP to distribute and control their malicious software. They can constantly change IP addresses for CNC servers without knocking their network offline. These sites make up a tiny percentage of the total, of course. According to Microsoft’s court papers, around 18,000 No-IP names were part of the njrat and njworm malware network.

To protect users for malicious website both from home and corporate PCs as well as mobile devices, CloudWALL Italia offers an innovative web security platform in the cloud that prevent access to unauthorized contents and malicious websites from your users.

CloudWALL WCF | Web Content Filtering lets you manage the Internet experience on and off your network with acceptable use or compliance policies, putting you in control. Fully delivered through the cloud, CloudWALL WCF | Web Content Filtering allow to secure and take control of Internet activities from users anywhere and anytime, when they are connected to the corporate networks as well as they are at home or on the road, through an unified dashboard accessible anywhere and anytime from any browser web or mobile device.

Find more details at www.cloudwall.tk/wcf .

Read More

APTs Pose a Major Challenge for Enterprise Security

One of the biggest concerns that confront large and small enterprises alike is what is known as Advanced Persistent Threats (APT). An APT is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. Unlike the basic or mass market threats that everyone should be blocking, APTs are unknown threats that cannot be detected by traditional signature-based defences such as firewalls, IPSs, and secure web and email gateways.

According to a recently released report by Verizon, in the year 2013, 92% of data- breaches were perpetrated by outsiders while 84% of attackers were able to compromise their targets in seconds, minutes or hours, however 78% of data-breach incidents took weeks, months or years to discover. This leaves a significant window that is used by the attackers leaving the organisations vulnerable during this period which can be more than years.

APTs have both the capability and the intent to persistently and effectively target a specific entity. The motive behind such threats is to steal confidential data and information from a specific person. For instance, this person could be an employee of a large organization be it a bank or a government body. APT attacks target organizations in sectors with high-value information, such as National defense, aerospace, oil and gas, manufacturing, banking, financial services, and insurance among others.

While you don't know how the APT against your company is working, a detection process require a deep analisys and correlation of suspicious events in your IT infrastructures.

To do this, CloudWALL Italia offers an innovative event and incident management in the cloud, able to help you in analyzing and correlating events to detect incidents and suspicious activities.

CloudWALL LOG | Event Log Management is the enterprise service that enables you to gain insights from your data without having to wait for hardware or staffing resources. Use CloudWALL LOG to prevent outages, troubleshoot problems and investigate security incidents, in real time. Do all of this regardless of where your data is generated.

Find more details at www.cloudwall.tk/log .

Read More

IDC survey finds DNS servers still sitting ducks

DNS servers remain an unprotected sitting duck in many organisations despite good awareness of the risks posed by external attacks, a survey carried out by IDC for EfficientIP has found. IDC's survey of 244 IT staff in the US, UK and France suggests a paradox in the rise in importance of DNS infrastructure; organisations know how important they are and yet often use older and inadequate forms of protection such as conventional packet firewalls to keep them safe.

Anxiety about the possibility of a DNS attack was high with 63 percent of respondents in France describing it as significant or very significant, ahead of 50 percent in the US and 47 percent in the UK. The most often mentioned effect of an attack was disruption to the business, with the leakage of sensitive customer data, reputational damage, and legal issues not far behind on the list of worries.

CloudWALL DNS | Domain Name Security is the DNS security platform in the cloud that prevent DDoS and other DNS-specific attacks.  CloudWALL DNS | Domain Name Security offers specific DNS security features, enhanced performance and availability within an open architecture.

CloudWALL DNS | Domain Name Security provides a globally load-balanced DNS solution that addresses the capacity, scalability and reliability needs of any customer. Leveraging a global Any-cast mesh infrastructure,  CloudWALL DNS | Domain Name Security eliminates any single point of failure. This architecture ensure availability of your domain name infrastructure and the ability for your users to get in your application and services 24x7x365 from anywhere in the world.

Find more details at www.cloudwall..tk/dns .

Read More

Russian hackers the biggest threat fr UK Cyber Cop

The biggest cyber security threat facing the U.K. and Europe is from Russian hackers, a top British cyber official has said. Speaking at a cyber-security conference last week in London, Lee Miles, Deputy Head of the U.K. National Cyber Crime Unit, emphasized that most of the significant cyber security threats his office works on emanate from Russia.

Sally Scutt, Deputy Chief Executive of the British Banker Association, said at the same conference that foreign governments were looking for ways to defraud banks and hold them to ransom. She wouldn’t elaborate. She said that most of the banks her association represents, some 180 of them, have been on the receiving end of cyber-attacks. She added that banks have been investing heavily in cyber defense, and that some 70% of Bank CEOs identify cyber security as major problem.

Through a wide offering of cloud-based security solutions CloudWALL Italia allow company to enforce their defense lines against cybercrime with a scalable and flexible "software-as-a-service" approach.

We are focused on delivering security services that meet your requirements, are fully integrated into your organisation and provide all the benefits of a cloud delivery model, while managing data privacy, residency and industry compliance. We are providers of leading Cloud Security Technologies and best practices to enable channel partners, resellers and service providers to quickly deliver and onboard users to a Cloud-Based Security Portfolio of service offerings.

Find more details at www.cloudwall.tk

Read More

Cloud technologies as a risk to your business

From Google Docs to Dropbox, these programs make it easier for employees to access data on a range of devices in multiple locations.

This could be anything from sharing content to sending internal messages, uploading pictures to storage and backing up data. But with more and more people using this technology, transferring data to cloud technology can put security at risk, without even realising they are doing so.

Many employees may not even realise they are putting their companies’ data at risk by using programs and applications like iCloud, Dropbox, and Evernote – but these are all cloud-based services that have the potential to be hacked. If employees use them to store valuable data, it poses big security risks.

This is the main reason why at CloudWALL Italia we offers an innovative cloud-based solutions that supply users with access anywhere and anytime to their documents and file and to share them with collegues and partners while CIOs avoid the headache thanks to strong encryption and full tracking of accesses to files and documents.

CloudWALL SFS | Secure File Sharing provides the ability to utilize cloud technologies while retaining that precious right we call privacy. Our zero-knowledge privacy and encryption environment ensures only you can see your data. No one else can gain access.  CloudWALL SFS | Secure File Sharing gives you the power of control and ownership over all your data.

Find more details at www.cloudwall.tk/sfs.

Read More

Canada’s Anti-Spam Law Takes Effect

Institutions or individuals fond of sending spam mail to Canadian electronic mailboxes should ought to think twice sending those missives or otherwise risk getting sued in court for millions of dollars. Canada's new anti-spam law (CASL) already took effect on Tuesday. 

Essentially, the CASL law bars businesses and organisations from sending commercial electronic messages, including texts, emails and social media messages, without first seeking and receiving the recipient's approval. Companies violating the new legislation can be fined by as much as $10 million for sending unsolicited emails. 

Anyway, for those who are not living in Canada, CloudWALL Italia offers his fully cloud-based Spam Prevention and Mail Content Filtering solutions. Email is the most important means of communication in today’s business world. Spam remains however the most serious threat to productivity and resource efficiency in email communication. Cyber-criminals are motivated by financial gain, the challenge, ideology or simply mischief.  

CloudWALL MCF | Mail Content Filtering works for you directly from the cloud and applies its proprietary self-learning smart technologies to filter all incoming email and to prevent spam and malicious messages from reaching your mail systems.

Find more details at www.cloudwall.tk/mcf.

Read More

Phishing websites up 10% in Q1 2014

The number of overall phishing sites observed in the first quarter of 2014 was 125,215, marking a more than 10 percent increase over the final quarter of 2013, during which 111,773 phishing sites were observed, according to the APWG Phishing Activity Trends Report for the first quarter of 2014.

The U.S. hosted more than 40 percent of those sites in each of the first three months of the year, according to the report. Close to 50 percent of phishing attacks were aimed at payment services in the first quarter of 2014, making it still the most targeted industry, and the financial industry was a target about 20 percent of the time, according to the report. The ISP, gaming, auction, government and social networking industries were each targeted less than 10 percent of the time.

To protect their users from Phishing attacks, CloudWALL Italia offers an innovative strong authentication platform in the cloud to enforce authentication processes for protected resources. CloudWALL OTP | One Time Password provides the fastest path to identity management and strong authentication in the cloud with an on-demand solution consisting of single sign-on, multi-factor authentication, directory integration and user provisioning.

CloudWALL OTP | One Time Password  delivers unparalleled usability by working with all major smartphone platforms and letting users to perform multi-factor authentication with the click of a button to any of your applications and services by integrating your existing Directory Services.

Find more details at www.cloudwall.tk/otp.

Read More

Critical flaws in Wordpress Plugins

If you own a WordPress site, make sure you are staying on top of updates—not just for the core platform, but for all the themes and plugins, too. WordPress powers over 70 million Websites around the world, making it an attractive target for cyber-criminals. Attackers frequently hijack vulnerable WordPress installations to host spam pages and other malicious content. Researchers have uncovered a number of serious vulnerabilities in these popular WordPress plugins over the last few weeks.

WordPress has a fairly painless update process for its plugins as well as core files. Site owners need to regularly check for and install updates for all the updates. It's also worth checking through all the directories, such as wp-includes, to make sure unknown files haven't taken up residence.

CloudWALL MDS | Malware Detection Service allows organizations to proactively scan their web sites for malware, providing automated alerts and in-depth reporting to enable prompt identification and resolution and enables organizations to protect their customers from malware infections and safeguard their brand reputations. Organizations that use CloudWALL MDS will be able to quickly identify and eradicate malware that could infect their web site visitors and lead to loss of data and revenue.

Find more details at www.cloudwall.tk/mds.

Read More

New site catalogs XSS vulnerabilities

A new online archive is gaining popularity among security researchers as a go-to source to anonymously submit cross-site scripting vulnerabilities uncovered from across the Web. In less than two weeks, the site has amassed enough reported vulnerabilities to cast doubt on the security of dozens of high-profile companies' websites.

Having only received its first confirmed submission on June 18, XSSposed.org has tallied more than 300 confirmed cross-site scripting (XSS) vulnerabilities across hundreds of sites since its inception.

A typical submission provides the vulnerable URL, information on when the vulnerability was verified by the site's as-yet-unnamed administrators, whether the flaw has been fixed since it was first disclosed and the Google and Alexa rankings of the vulnerable domain.

CloudWALL WAF | Web Application Firewall protects Web applications at the very edge of the Internet as opposed to inside the datacenter. Our solution shields an organization’s network from the growing number of application-layer attacks and prevents the loss of valuable corporate and customer data. In addition to proven attack defenses, the CloudWALL WAF | Web Application Firewall aids in compliance with information security regulations, such as PCI-DSS.

Find more details at www.cloudwall.tk/waf

Read More

Android RAT attacks mobile banking apps

A new remote access Trojan malware for Android devices, dubbed com.II, is threatening users’ mobile banking data, SMS messages and contact lists.

According to a blog by security vendor FireEye, the offending RAT is able to disable anti-virus systems Android users have in place, before scanning for banking apps and replacing them with fake ones. The malware then installs malicious app updates, steals and sends SMS messages and gains access to contact lists.

CloudWALL MDM | Mobile Device Management delivers the first ever cloud-based SaaS (Software-as-a-Service) security for mobile devices, including smartphones and tablets. Our platform is hosted on Amazon cloud, providing the highest level of readiness and scalability protection against cyber threats anytime, anywhere. By it mobile antivirus protection or device management, CloudWALL MDM | Mobile Device Management brings the best mobile security solutions with no compromise on quality of service.

Find more details at www.cloudwall.tk/mdm

Read More

DDoS is a key threat for 58% of companies

The past few years have seen rapid progression in the scale and complexity of Distributed Denial of Service (DDoS) attacks, making them one of the biggest security concerns for business organisations. A study conducted by BT has revealed that 36% of UK companies rank DDoS attacks among their key concerns and the proportion is even higher on a global scale (58%).

The survey involved IT managers from 11 countries, gauging their attitudes to DDoS attacks and assessing their preparedness to deal with such incursions. BT found that 41% of companies had become the target of a DDoS attack in the past year and over 75% of them had been subjected to attacks at least twice. For 20% of enterprises, the cyber offensive had taken their systems offline for a whole working day.

CloudWALL DOS | Denial of Service Prevention offers 24x7 DDoS protection from the cloud. Our cloud-based protection blocks high-bandwidth DDoS attacks that flood your network as well as low-bandwidth, hard-to-detect attacks that bypass existing security devices like firewalls and intrusion prevention systems, and target the applications that keep your business running.  

With a virtually unlimited mitigation capacity working on our 17 data centers around the world, you can rely on our fully reduntant datacenters to ensure network availability of your critical systems and services.

Find more details at www.cloudwall.tk/dos

Read More