27. October 2009 15:13
Over the weekend, the Guardian Jobs website, one of the top five employment sites in the UK with two million users logging in every month, was hacked. In a statement posted online, The Guardian stated that it had been “assured by our provider that the system is now secure and we have identified and contacted everyone who may have been affected”. It went on to admit that as many as half a million users may have had data compromised, all of whom had now been emailed.
At Finjan, we have identified many top websites (including those of CBS and the TV show “Heroes”) that were compromised by cybercriminals over the last few years. Websites that store identity information, in particular, will continue to be a prime target. With the holiday season around the corner, this spells bad news for IT managers, who are under immense pressure to keep their websites and portals safe – especially for online shoppers.
This latest security breach on the Guardian website illustrates that vulnerabilities still exist and are being exploited by cybercriminals. No details of the attack were made available, but it was quite likely designed to circumvent traditional web security solutions. Cybercrooks also like to deploy additional attack vectors, such as the theft of administrator FTP server credentials, which are later used to penetrate even more highly secure websites.
Yuval Ben Itzhak, Finjan’s Chief Technology Officer, warns that “auctioning stolen identity information is another technique that our researchers at MCRC have spotted. It's also worth noting that the Guardian jobs portal is not alone in being attacked by cybercriminals; other US job sites have also been hit using this hacker methodology.”
As always, we advise individuals and corporations alike to make sure that they have the latest version of their web security in place.
For more on the Guardian Web site attack: http://www.itpro.co.uk/616756/guardian-job-site-hack-hits-half-a-million-users
For more on Finjan: www.finjan.com