Website News, Articles and Updates

Report: Expect more website ads to contain hidden cryptominers

In addition to hiding cryptocurrency miners in the coding of websites, malicious actors may also increasingly conceal them within advertisements appearing on these sites.

Jamie Oliver Company defends response to malware-ridden website

Representatives of Jamie Oliver insist the celebrity chef has 'no regrets' over the handling of security breakdowns on his website, despite exposing millions of visitors to malware that could have been used to steal sensitive data.

New Statesman website hacked, redirects to escort site

British politics and current affairs magazine New Statesmen has admitted it was hacked on Wednesday, with the home page content on http://newstatesman.com/ redirecting to http://trescorts.com/, a Turkish escort website.

You think you've nothing to steal? Hackers don't agree.

Few understand the value of their website to hackers says Ilia Kolochenko, warning that even an individual blog is potentially at risk.

Prison escape via mobile phone highlights social engineering vulnerability

A prison escape with a fake release note, from a fake website, set up via mobile phone, demonstrates yet again that people are our biggest security vulnerability says Fotis Gagadis.

Jetty web servers vulnerable to Heartbleed-style attacks

A critical flaw found on open-source Jetty HTTP web servers could - if left unpatched - lead to hackers hijacking internet sessions and stealing sensitive data.

SoakSoak bug hits 100,000 websites using old plugin flaw

WordPress sites have been hit by a malware campaign from a Russian domain using a plugin flaw identified months ago.

'Destover' malware highlights incident response

Fallout from Sony Pictures hack continues with incident reponse now under the spotlight.

G4S shares sent tumbling by fake website that cost £12 to build

British security services company G4S saw shares decline yesterday following a hoax emailed message and website.

Combating 'malvertising'

Web sites that take advertising need to protect against inadvertently delivering malware to their users, before, during and after an attack, explains Terry Greer-King.

Fake Tor website serves up malware

A new website, Torbundlebrowser.org, may look almost identical to the original Tor Project but is in fact a fake serving up malicious software.

WordPress and Drupal flaw hits 23% of world's websites

Up to 230 million websites, including the US White House and the UK's main government data site, are at risk from a denial of service flaw in their WordPress and Drupal content management systems. The two suppliers have rushed out a fix.

Website encryption boosted by Google promotion of HTTPS

The latest change in Google's search engine optimisation (SEO) algorithm looks set to boost the uptake of encryption for websites by rating sites using HTTPS higher than those with HTTP.

4% of Googlebots are fake and can launch attacks

Admins' fear of damaging their SEO gives malicious search engine bots a 'VIP pass' into sites.

More questions than answers as BBC outage fuels DDoS talk

The British Broadcasting Corporation was hit by a prolonged outage on its website and iPlayer video-on-demand service (VOD) last weekend, raising questions about the cause and whether it was subjected to a distributed-denial-of-service (DDoS) attack.

WordPress plugin flaw opens blogs up to cybercriminals

A WordPress plugin called MailPoet - which has been downloaded around 1.7 million times - has placed large numbers of WordPress-based websites at risk of incursion.

The dungeon of the 'Deep Web'; where even the spiders dare not travel

Charles Sweeney asks, are your staff inadvertently leaving the back door open via an innocent lunch-time browse?

CNET loses data on 1 million users

IT technology website lost data on one million users to Russian hackers.

300,000 servers still vulnerable to Heartbleed bug

Two-and-a-half months on from the discovery of the Heartbleed bug affecting OpenSSL security, and one security researcher claims that the flaw still affects 300,000 servers.

Anonymous fells World Cup websites

Hactivism group Anonymous has made good on its promise to hack the websites of World Cup sponsors and Brazilian government departments by launching a spate of DDoS and website defacement attacks.

Confusion reigns after Bitly data breach

URL link shortening service Bitly has asked its users to change passwords and their API key and OAuth token after revealing that some user accounts have been compromised. But precise details on the attack have not been made public.

Critical infrastructure put on 'Heartbleed Bug' alert

Critical infrastructure operators are now being alerted to the far reaching impact of a critical OpenSSL flaw, dubbed the "Heartbleed Bug."

Heartbleed flaw threatens millions of websites

Systems admins are being warned of a "potentially disastrous" security flaw that allows hackers to steal data from millions of websites worldwide without leaving a trace.

PHP poses threat to website integrity

"Patching no longer offers complete protection" says Professor John Walker, Nottingham Trent University

162,000 reasons to tighten up WordPress security

"Cyber-criminals continue to innovate and find vulnerabilities to exploit for their criminal activity" says Lancope CTO Tim Keanini.

Pregnancy advice clinic fined for 'unforgiveable' data breach

Hacktivist thwarted in plan to reveal names of clients at BPAS following data breach.