| FREE NEWSLETTERS |  |
IT DIRECTORY | |
NEWS ALERTS | |
RSS | |
NEWS TIP-OFFS | |
ADD TO FAVOURITES | |
| VIRTUAL PRESS OFFICESTM |  |
(011) 807 3294 |  |
itnews@itweb.co.za | Advertise on ITWeb | Tue, 9 Sep 2008 |
Local sites vandalised
Hackers known as zBiDy and ViZer have defaced several South African Web sites.
According to Telspace Systems CEO Dino Covotsos, it is unlikely the attacks are targeted. “The hackers are basically conducting a mass scan for vulnerable systems. Once a vulnerable system is found, it's exploited and all index pages are replaced with the hacked version.”
The front page or another page of the hacked site will be replaced with the phrase: “This site hacked by zBiDy.” It is most often accompanied by an image of a man with wings, but there are several versions of the replacement page in circulation.
Covotsos says the hacker, or more likely hackers, have a long history of site defacement. “They have broken into various different operating systems, ranging from SolarisSunOS, FreeBSD, Linux through to Windows 2003.
According to Covotsos, the defacement can easily be prevented. “People who are hosting their own sites on their own servers need to ensure servers are regularly patched with the latest updates.”
He says Web site owners need to make sure anything that can be blocked at the firewall should be. “This includes any unnecessary services.” He adds that file permissions should be checked to ensure no one can change or move files from site indexes.
However, Covotsos notes it becomes more difficult for owners to ensure site security if they are hosted by a third party company. “Hosting companies need to get vulnerability assessments done on a monthly basis.”
He adds that those that host sites need to know the security threats and should patch their own servers to keep client sites safe. “These companies can also write scripts that ensure client site index files are locked down with the correct permissions.”
Some of the local sites infected include antenuptial.co.za, yourwedding.co.za and the photo gallery on flysouthadventures.co.za.
POST YOUR COMMENT
Comments (2)
George
said:
|
Shock, Gasp, Horror. More websites hacked?? Oh noes, if only we had trusted Telspace Systems to scan our servers it would all be better. |
|
Best read Security
RELATED ARTICLES
Industry news
SecureData updates BEE status:
In November 2009, Secure Data commissioned Honeycomb to conduct a BBBEE verification of the organisation. The BBBEE rating is based on the Codes of Good Practice on Black Economic Empowerment released by the DTI. Based on this, Secure Data is a Level Four Contributor, allowing a recognition level of 100%.
Magix empowers clients to fight against fraud with continuous, non-invasive auditing and monitoring solutions designed to take the hard work out of risk management. Visit our website to see the various solutions we specialise in.
|
Unravel the complex broadband packages and technologies now on offer. Find out what broadband can do for your business. Analysts and key players discuss where we’re at and where broadband is going at the ITWeb Broadband 2010 Conference.Publications
|
|
