Most Updated News on How to Protect Against DoS Attacks!

Zeus Trojan P2P update makes take-downs harder
Malware victim loses net connection to iCode
Cases of hacking accused heard
Hackers may try to disrupt World IPv6 Day
Lockheed Martin Cyber Attack Highlights Cyber-Blame Snags
3 Reasons Why Security Appliances are Hot
Security industry says utility attacks imminent
Malaysia’s Top News Website Hit by DDoS Attack
Most IT departments ?clueless? over sensitive files
ESET Lists the Dominant E-Threats of 2010

Zeus Trojan P2P update makes take-downs harder

The Zeus financial malware has been updated with peer-to-peer functionality that makes it much more resilient to take-down efforts and gives its controllers flexibility in how they run their fraud operations.

The new version of the infamous banking Trojan was discovered and analyzed [] by Swiss security expert Roman Hssy, the creator of the Zeus and SpyEye tracking services.

One year ago security researchers from antivirus vendor Trend Micro managed to link a file infector dubbed LICAT to Zeus, concluding that it serves as a delivery platform for the Trojan and is designed to prolong its infections.

LICAT uses a special algorithm to generate random domain names for updating purposes in a similar manner to the Conficker worm. Its creators know in advance what domains the malware will check on a certain date and can register them if they need to distribute a new version.

“A few weeks ago I’ve noticed that no new murofet/LICAT C&C [command and control] domain names have been registered by the criminals. I was a little bit confused and decided to analyse a recent Zeus sample (spread through a Spam campaign targeting US citizens),” Hssy wrote on his blog on Monday.

“When I ran the binary in my sandbox, I’ve seen some weird UDP traffic. My first guess was: This is not ZeuS. But after I’ve analysed the infection I came to the conclusion that it is actually ZeuS,” he noted.

Once installed on a computer, the new Zeus variant queries a set of hardcoded IP addresses that correspond to other infected systems. The Trojan downloads an updated set of IPs from them and if those computers are also running a newer version, it updates itself.

Zeus is one of the oldest and most popular crimeware toolkits available on the underground market. Up until this year the Trojan could only be acquired for significant sums of money from its original author. However, a few months ago the source code leaked online and now anyone with the proper knowledge can create variations of the malware.

Hssy believes that this new version is a custom build used by a particular fraud gang or a very small number of cybercriminal groups. Fortunately, the variant still relies on a single domain for receiving commands and submitting stolen data, and this allows researchers to hijack the botnet temporarily, at least until it is updated to use another domain via the P-to-P system.

Using this method, which is known as sinkholing, Hssy managed to count 100,000 unique IP addresses in 24 hours. This doesn’t reflect the exact size of the botnet, because infected LAN computers can use the same IP on the Internet, while others might get new IP addresses assigned to them by their internet service providers on each restart.

The effort did, however, allow the Swiss researcher to determine that the biggest number of computers infected with this new Zeus variant are located in India, Italy and the U.S.

“We all know that the fight between criminals and security researchers is a cat and mouse game. I’m sure this wasn’t the last change made to ZeuS and we will continue to see efforts from criminals to make their malware stay more under the radar,” Hssy concluded.

According to a recent report from security vendor Trusteer, Zeus and SpyEye are the biggest threats faced by financial institutions, the company estimating that the number of Zeus infections exceeds that of SpyEye four to one.

Malware victim loses net connection to iCode

An Australian woman this month has had her internet connection cut off under the iCode initiative after she received 42 consecutive emails warning that her computer was infected.

The customer of a small unnamed telco had her machine hijacked by a botnet, rendering it what is known as a zombie machine. It then pumped malicious traffic over her internet connection which alerted her ISP.

The woman had struggled to remove the notoriously stubborn malicious?fake anti-virus program? because it had disabled her legitimate anti-virus software and prevented her from executing applications.

Her internet connection was cut to all but a single web page with the provider, referred to as a walled garden, after she failed to remove the infection.

The telco then phoned her to assist in the removal of the malware.

Internet connections were cut only in the “most severe” cases, iCode chief and former director of the Internet Industry Association (IIA) Peter Coroneos said.

Normally customers would be contacted by phone or email after ISPs detected malicious botnet traffic from their accounts, and then direct to a web page which contains security tools.

Large internet providers typically implemented network traffic analysis and automated email alerts to detect and warn customers of infections.

Smaller telcos often manually examined data, sinkholed botnet traffic and phoned compromised users, Coroneos said.

Recent information from the Australian Communications and Media Authority found the average number of daily reported botnet infections had declined from 16,000, between June 2010 and 2011, to 11500 in July alone this year.

The IIA did not have figures detailing the number of machines cleaned by telcos operating under the iCode.

Heading offshore

Australia’s voluntary internet industry iCode may be adopted in the US and will be trialled in South Africa under an increasing drive by governments and industry to wipe out botnets.

Some ISPs in South Africa would soon begin trials of the code, Coroneos said.

The US Department of Homeland Security may also adopt the iCode. It flagged the strategy in request for information document issued this month to research ways to reduce botnet infections.

Also flagged was a similar government-run initiative in Japan where botnet infections were discovered in honeypots.

In both initiatives, compromised customers were directed to a web page to download security tools that could remove the infections.

Coroneos said he thought the iCode would fit well with US legal frameworks because the country’s largest telco, Comcast, had already implemented a similar in-house framework.

“The internet providers have far from won the fight against botnets, but there is progress and customers are accepting of the iCode,” Coroneos said.

The code was pushed out to pre-empt looming government regulation that may have made providers responsible for the security of end-users.

Cases of hacking accused heard

The case of two teenagers accused of hacking into websites including that of the UK’s Serious Organised Crime Agency has been heard in court.

Jake Davis, 18, and Ryan Cleary, 19, were not at Southwark Crown Court for the short hearing, but it is understood to be the first time their cases have been grouped together.

Judge Nicholas Loraine-Smith said they will both need to appear at the court for a plea and case management on January 27 next year.

Davis, from the Shetland Islands, was arrested by officers from the Metropolitan Police’s e-crime unit as part of an investigation into hacking groups LulzSec and Anonymous. He is said to use the online nickname “Topiary” and present himself as a spokesman for the two groups.

The teenager faces five charges, including conspiring to carry out a distributed denial of service (DDos) attack on the police agency. Such attacks see websites flooded with traffic to make them crash.

Davis is also charged with gaining unauthorised access to a computer system, encouraging or assisting offences, and with two counts of conspiracy to commit offences.

At a hearing earlier this month, the teenager was bailed to an address in Spalding, Lincolnshire, where his mother lives. He was also told he was not allowed to access the internet through a computer or mobile phone, either himself or by asking someone to do it for him.

Cleary, from Wickford in Essex, who has been diagnosed with Asperger’s syndrome since he was arrested at his family home on Monday June 20, is charged with conspiring with other people on or before that date to create a remotely-controlled network of zombie computers, known as a “botnet”, which crashes websites.

He is also alleged to have carried out attacks on or before June 20 against Soca, the British Phonographic Industry’s website, and the International Federation of the Phonographic Industry’s website, and with making, adapting or supplying a botnet for a DDos attack.

He was given bail earlier on condition that he does not access the internet or have in his possession any device that could access the web. The alleged hacker was told he is to live and sleep at his address, and not leave the house other than in the company of his mother Rita Cleary.

Hackers may try to disrupt World IPv6 Day

Hundreds of popular websites — including Google, Facebook, Yahoo and Bing — are participating in a 24-hour trial of a new Internet standard called IPv6 on June 8, prompting worries that hackers will exploit weaknesses in this emerging technology to launch attacks.

Dubbed World IPv6 Day, the IPv6 trial runs from 8 p.m. EST on Tuesday until 7:59 p.m. EST on Wednesday.

Security experts are concerned that the 400-plus corporate, government and university websites that are participating in World IPv6 Day could be hit with distributed denial of service (DDoS) or other hacking attacks during the 24-hour trial.

“In the last five months, there has been a huge increase in DDoS attacks,” says Ron Meyran, director of product marketing and security at Radware, a network device company that is participating in World IPv6 Day. “IPv6 is going to be even easier for attackers … because IPv6 traffic will go through your deep packet inspection systems uninspected.”

Meyran says another concern is that IPv6 packet headers are four times larger than IPv4 headers. This means routers, firewalls and other network devices must process more data, which makes it easier to overwhelm them in a DDoS attack.

“With a DDoS attack, you need to reach 100% utilization of the networking and security devices to saturate the services,” Meyran says. The longer headers in IPv6 “must be processed completely to make routing decisions.”

“I wonder if there’s going to be any sort of DDoS type of things going on … or hackers probing servers that are dual-stack enabled [running IPv6 and IPv4 at the same time],” says Jean McManus, executive director of Verizon’s Corporate Technology Organization, which is participating in World IPv6 Day. “Content providers need to be careful and watch to make sure that everything is appropriately locked down.”

Many security threats related to IPv6 stem from the fact that the technology is new, so it hasn’t been as well-tested or de-bugged as IPv4. Also, fewer network managers have experience with IPv6 so they aren’t as familiar with writing IPv6-related rules for their firewalls or other security devices.

“We know from security breaches that the security rules that allow you to see the network and applications better … is where there is a lack of training and expertise with IPv6,” Meyran

World IPv6 Day participants say the event was advertized to everybody in the Internet engineering community, including hackers, and they are beefing up the security measures on their sites accordingly.

“This is a well-publicized event,” says John Brzozowski, distinguished engineer and chief architect for IPv6 at Comcast, which is participating in World IPv6 Day both as a provider of IPv6-based cable modem services and as an operator of seven IPv6-enabled websites. “Anything can happen. IPv6 is no different than any other new technology. The potential [for attacks] is there. Protecting the network is key to us.”

Lockheed Martin Cyber Attack Highlights Cyber-Blame Snags

WASHINGTON | Mon May 30, 2011 6:48pm EDT
(Reuters) – Past patterns may point to China, but top investigators say they will never know for sure who mounted a “significant” cyberattack against Lockheed Martin Corp, the Pentagon’s No. 1 arms supplier.
Lockheed, which is also the government’s top information technology provider, said on Sunday it was a “frequent target of adversaries around the world.”

The company has not disclosed which of its business units was targeted, but people with experience plugging holes after such strikes said that cyberspies likely sought trade secrets or weapons-related data.

The Bethesda, Maryland-based company did not respond to a request to clarify whom it deemed adversaries, and whether it suspected a foreign state in the digital assault it said it had detected “almost immediately” on May 21.

Lockheed said it had countered with stepped-up security measures and that no customer, program or employee personal data has been compromised in the “significant and tenacious attack” on its information systems network.

China has generally emerged as a prime suspect when it comes to keyboard-launched espionage against U.S. interests, although the Pentagon says more than 100 foreign intelligence groups have been trying to pierce U.S. networks.

“China’s government, the Chinese Communist Party, and Chinese individuals and organizations continue to hack into American computer systems and networks as well as those of foreign entities and governments,” the bipartisan U.S.-China Economic and Security Review Commission said in its 2010 annual report to Congress.

The body was created by the Congress in 2000 to advise it on implications of trade with China. It said in its report the methods used in suspected Chinese-launched attacks were growing more sophisticated and increasingly piggy-backing on social networking tools.


Beijing, at odds with the United States over Taiwan and other issues, has “laced U.S. infrastructure with logic bombs,” a cyberweapon, former U.S. National Security Council official Richard Clarke wrote in his 2010 book “Cyber War.”

Beijing steadfastly dismisses such charges.

“I’d say it’s just irresponsible to arbitrarily link China to such cyber hacking activities in each and every turn,” Wang Baodong, the Chinese Embassy spokesman in Washington, said in an email to Reuters. “As a victim itself, China is firmly against hacking activities and strongly for international cooperation on this front”.

Pinning down responsibility for an attack like that reported by Lockheed is “incredibly difficult” given the sophisticated ways that an attacker may misdirect, said Anup Ghosh, a former senior scientist at the Pentagon’s Defense Advanced Research Projects Agency, or DARPA.

Encoded clues in the Stuxnet virus that may have slowed progress on Iran’s nuclear program, for instance, seemed designed to point to Israel.

But “it is impossible to know if these are red herrings or genuine,” said Ghosh, who worked on securing military networks for DARPA from 2002 to 2006 and who now runs Invincea, a software security company.

Eugene Spafford, who heads the CERIAS cybersecurity research facility at Purdue University in Indiana, said the digital residue of an attack would not suffice to lead to a person or place.

“Records may show a network address where those bits came from, and that network address may tie to a machine in a country, but that is only the address of the most recent ‘hop’,” he said in an email interview.

“It is always possible that it is a system that itself was compromised, by another system that was compromised,” and so on and so on, Spafford said. In addition, one could never rule out the possibility that a given cyberstrike might be launched by someone in the pay of yet a third party, no matter where it originated.

Spafford, whose CERIAS lab has partnered with a dozen major companies and national laboratories, including defense contractors and Fortune 500 companies, said the bottom line is that “we likely never really will know who did it.”

Investigators first look for hard evidence — searching for stolen data that may be traveling across the Internet or seeking out people looking to sell information culled in a cyber attack. They typically rely heavily on circumstantial evidence, including whether the attack details match known methods from a suspect and if the targets are consistent with a group’s perceived interest.

It is also possible that the U.S. intelligence community, using its vast electronic eavesdropping and other spying capabilities, may make a judgment about the origin independent of forensic analysis, but that too would be subject to doubt.

3 Reasons Why Security Appliances are Hot

For many SMBs, security appliances are the best solution to their security needs as they are very affordable, offer excellent protection, and require little or no technical expertise to install or maintain. For those same reasons, valued-added resellers (VARs) find appliances to be a relatively easy sell.


Among the easiest appliances for VARs to sell are functional, manageable and upgradeable devices, notably unified threat management (UTM) appliances, which are available from many vendors such as Cisco, Fortinet, SonicWall and WatchGuard. The UTM concept is based on the assumption that a combination of security solutions bundled in the same appliance creates a better security umbrella for organizations, said Ariel Avitan, an analyst at Frost & Sullivan.

“Another main advantage of UTM solutions is their low cost in comparison to purchasing many different security solutions,” said Avitan. “These two advantages are driving the rapid adoption of UTM solutions by SMB customers.”

Typical UTM solutions include a firewall, intrusion prevention system/intrusion detection system (IPS/IDS), an AV (Antivirus), an AS (Anti-Spam) component and a virtual private network (VPN).

The shift in business to the Web has exposed small businesses to multiple security risks, which they often struggle to counteract due to limited IT and financial resources.

“The solution for many SMBs is a security appliance, because it is easy to manage, affordable and doesn’t require them to be security experts,” said John Keenan, VP of Distribution, Americas for SonicWALL, a security vendor. Keenan said three factors are driving appliance sales in the SMB market: the proliferation of broadband; intelligent controls on the boxes; and SMBs’ appetite for enhanced security.


Security appliances are very affordable

Products range in price from a hundred dollars to several thousand dollars.

A low-end offering such as the ZyWALL 2 Plus costs a little more than $100 but delivers quite a bit. It supports IPSec VPN, which makes it suitable for remote site to central server deployment and home to office or office to home deployments. Data encryption over the Internet ensures secure transmission between two sites, eliminating the need for expensive leased lines, and enabling global interconnectivity at a minimal expense.

The ZyWALL 2 Plus provides robust firewall protection, based on stateful packet inspection (SPI) and denial of service (DoS) technology. The ZyWALL 2 Plus provides the first line of defense against hackers, and other malicious threats.

If you choose to go up a notch, a Cisco ASA 5500 will set you back anywhere from $700 to $5000 dollars. A low-end Cisco ASA 5500 is an easy to deploy solution that integrates world class firewall, unified communications (voice/video) security, SSL and IPsec VPN, intrusion prevention (IPS), and content security services in a flexible, modular product family.

Designed as a key component of the Cisco Self-Defending Network, the ASA 5500 provides intelligent threat defense and secure communications services that stop attacks before they impact business continuity.

A high-end appliance can cost several thousand dollars. For example, the Blue Coat ProxyOne, a new device aimed at SMBs, starts at $8,999 for 100 users. The price includes the appliance, software licenses, automatic security updates and 24X7 support. The appliance can scale to support up to 2,000 users.

For your money, you get Web filtering, inline malware and anti-virus scanning, as well as on-box reporting (reports generated by the product; no add-ons needed) to enable safer use of Web 2.0 applications. A ProxyOne box delivers real-time Web defense, using the cloud-based Blue Coat WebPulse service. Additionally, Blue Coat security experts continually update the WebPulse defenses to protect against new threats.


Excellent protection

A security appliance, such as a UTM solution, provides comprehensive protection to customers as it has tightly integrated security features that work together on a single appliance, said Keenan. This class of appliance makes it easy for SMBs to manage their security because they only have to deal with one box and one source of support. Such an appliance solution is highly cost-effective as it offers a centralized console that enables monitoring of network security at remote locations.

Besides UTMs, the security appliance market includes standalone appliances (which deliver a single security application), blade appliances (a hybrid between UTMs and standalone devices) and software appliances.

All-in-one security appliances require little or no user technical expertise to install or maintain. This makes them appealing to SMBs and VARs. SMBs like these boxes because of their simplicity and practicality, while VARs like them because they are generally bullet proof in their reliability, and provide the proverbial foot-in-the-door to sell services.

“Some SMBs still need our expertise, whether it’s assessing their securing vulnerabilities, configuring the products, or providing remote monitoring through a managed service,” said Alvin Myers, president of United Systems, a VAR in Oklahoma City.

Security industry says utility attacks imminent

An attack on utilities and infrastructure “is imminent”, various security experts have told?TechEye.

Sony, as we reported earlier, is struggling to prevent concerted attacks by a dedicated group of disgruntled hackers. But the threat doesn’t stop there.

Elsewhere, alarm bells rang as McAfee and the Centre for Strategic and International Studies (CSIS) launched a report called ‘In the Dark: Crucial Industries Confront Cyber-attacks’. It found that 40 percent of 200 IT security executives surveyed were worried that a major cyber-attack on critical infrastructures would occur within a year. The problem is, according to some, they are already happening.

Forty percent of the execs, from critical electricity infrastructure enterprises in 14 countries, also said the industry’s vulnerability had increased almost 30 percent. They believe that their companies are not ready for cyber-attacks. 90 to 95 percent of the people working on the smart grid were not concerned about security and only saw it as a last box they had to check.

One security professional, who wished to remain anonymous, said it’s another case of people “sticking their heads in the sand.”

Our source tells TechEye: “There’s already been attacks and threats to hospital infrastructure and financial institutions, while there’s been numerous security warnings of cyber attacks from China on utilities and infrastructure.

“Although it may be controversial to say, there’s no better way to attack a country then hit its power grids and overall infrastructure. That said, and as this report seems to show, no-one is really doing anything about it.

“They aren’t tightening their security around this, instead taking a head in the sand approach. If they don’t buck up their ideas soon, attacking countries will take advantage of this and I’m afraid I’ll take an “I told you so” approach.”

Another told us that he was surprised that this threat has taken so long to come to light.

“Of course, hackers are bright enough to move away from businesses and set their sites on the more important things such as utilities. After all, if they can take down a website, think what they can do to a power grid when they team up and put their clever minds together.

“Is there anything we can do?

“Sure, make sure utility companies keep up to date with their security, but that’s a lot easier said than done. After all, many are still burying their heads in the sand. Until a major threat occurs and hackers show their collective almighty strength, utility companies will continue to plod along as they already are.”

Other security experts are cautiously claiming that, as more DDoS attacks occur from people joining forces to bring down companies who have done something to annoy them, the threat could turn more sinister. A recent example is ?Sony, which was seen the PSN totally brought to its knees.

The attack is thought to be a thoroughly annoyed group of people who are upset about how Sony has handled the legal case it made against George Hotz, who posted the PS3’s root keys to get the system running on an alternative OS. Anonymous denies it is involved.

It’s no surprise, Professor Les Hatton at Kingston University tells TechEye: “The Sony attack wasn’t anything new, it just came to light as the company is high profile. The more high profile the attack, the higher and more qualified the hacker.

“It happens all the time.

“Most of the time servers are being attacked, it’s something we’ve come to expect from the internet. There’s obviously various types of attack from DDoS to breaking down passwords of government and business machines and installing software on them.

“Government sites and power grids are also being attacked.

“There will be more serious threats in the future as there is lots of money to be made. This will involve espionage as well as more serious attacks on utilities.”

Meanwhile, Graham Cluley at Sophos agrees: “We have seen attacks like this in the past. On the internet groups have formed to launch DDoS attacks, which have been very detrimental to companies with just a web presence. This is something groups will continue to do.

“On the other hand hackers going after a company which doesn’t depend on the internet will usually go it alone because this type of attack is far more malicious and not for notoriety meaning they don’t want to get caught.

“As more people however see they can join the net and form bonds with members to attack companies, this will become more and more popular,” he added.

Malaysia’s Top News Website Hit by DDoS Attack

Malaysia’s top news website,, was the victim of a distributed denial-of-service (DDoS) attack yesterday which rendered it unreachable.

It’s unclear who instrumented the attack or what was their intention, but it coincided with the start of elections in Sarawak, the largest Malaysian state located on the island of Borneo.

Malaysiakini provides news in English, Malay, Chinese and Tamil and has over 1.6 million monthly unique visitors. Since mid-2008, the website is the most popular online news source in the Asian country.

The attack was so powerful that both data centers housing the site’s servers were affected. JARING, one of Malaysia’s top ISPs that operates?one of the centers also reported service disruptions across several regions at around the same time.

A cyber attack beginning at 11am today shut down Malaysiakiniservers simultaneously, making the website inaccessible to readers.

The Malaysiakini technical team has determined it to be a denial-of-service attack, where an attacker uses computers in different parts of the world to swarm Malaysiakini servers to the point that they are unable to cope with the massive traffic.

Both our servers, which are hosted at two data centres – TM Brickfields and Jaring – have been affected by the attack,” Malaysiakini’s official announcement reads.

The website has remained offline since the attacks, but new Malaysiakini content has been made available through other means, including Facebook and a blog hosted at

The company plans to achieve some redundancy by cross-publishing on multiple platforms, including, Facebook, Blogger and others, which are better equipped to fend of powerful DDoS attacks.

Malaysiakini readers have been largely supportive, some even accusing the government of involvement and trying to censor the Sarawak elections.

There are various ways to mitigate DDoS attacks, but ultimately the only true protection is to have better bandwidth than what attackers have at their disposal.

Most IT departments ?clueless? over sensitive files

Sensitive files don’t appear to mean much to security pros, an Imperva survey suggests.

The majority of IT departments have little idea about how many sensitive files they have or where they are stored, research has revealed.

Two-fifths of respondents to an Imperva survey carried out at this year?s RSA Conference said they were completely clueless about the volume of sensitive files in their organisation.

Furthermore, almost two-thirds of the security professionals quizzed said they weren?t even aware of who had access to such files.

Nearly a third said their company had lost data due to employees abusing access rights, on purpose or by accident.

?With so many respondents unsure of how many sensitive files they have and how accessible they are, it indicates a general lack of control over sensitive data, which increases the likelihood of an insider breach,? said Amichai Shulman, chief technology officer (CTO) of Imperva.

?The first step to a solid data security plan is taking inventory of your sensitive files and knowing where they are and who has access to them at all times. Only with this complete picture will you be able to guard against insider threat by detecting when sensitive data is being added or removed, or when an employee is improperly accessing files.?

In more positive findings, 82 per cent of respondents said breaches such as WikiLeaks inspired them to reconsider security policies.

However, 57 per cent said they would not be investing more money into data security following the WikiLeaks saga

ESET Lists the Dominant E-Threats of 2010

According to its “End of 2010 Report’ that ESET the Slovakian security company released recently, the firm has detected Conficker, INF/Autorun and Win32/PSLOnlineGames as the three most prevalent malicious e-threats that respectively contributed a share of 8.45%, 6.76% and 3.59% to the total malware during 2010.

Moreover, ESET discloses that over 3 consecutive months, the malicious program Bflient.k has remained within the company’s Top Ten Threats List that ESET prepares every month.

Elaborate the security researchers that Bflient, which’s traded among cyber-criminals, is a toolkit with which botnets can be built and preserved. Moreover, the toolkit is customized for each client so that a distinction is maintained from customer to customer.

Notes the report that after a purchase takes place, the client is equipped with instructing his botnet for carrying out the typical operations viz. executing a DDoS (distributed denial-of-service) assault, contaminating other PCs, as well as downloading and planting suspicious programs whenever wished. reported this on February 1, 2011.

Furthermore, there’s a special risk from Facebook to users visiting the website in that they could contract malware as well as other assaults based on social engineering. Facebook, in its attempt at eliminating the symptom instead of the malaise, may keep on offering the privacy-infiltration factor which typically associates social media, since users want just that, in order that they (users) themselves have the onus of making sure that their databases aren’t given out in manners disagreeable to them. A few websites like Bebo have in fact switched to the “deny some things” option from “deny nothing” despite the fact that sharing the maximum of user database is basic so far as the website’s commercial model is concerned.

Additionally, aside the aforementioned issues, ESET in its report discusses the Wikileaks story as well which was dominant between July and December 2010. First, several attempts were made, though unsuccessful, for closing stable door via disabling Wikileaks servers first and subsequently with prominent online players’ coordinated corporate exertion for stopping funding and obstructing any more dissemination of the hacked database. Indeed, consequent of the Wikileaks episode, many DDoS and spam attacks took place worldwide.


Copyright © 2013. Created by Meks. Powered by WordPress.