Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Patchlink comment on Monster.com vulnerability

Lumension Security : 22 August, 2007  (Technical Article)
Monster.com Trojan horse attack which claimed user's private information highlights requirement for wider use fo proactive security policy enforcement.
A Trojan horse attack on Monster.com has left 1.6 million users vulnerable. Victims' names, email addresses, phone numbers and home addresses have been stolen by cyber-criminals according to media reports:

Andrew Clarke, Senior Vice President International, PatchLink, a global leader in security and vulnerability management commented:

"The recent explosion of cyber-space has provided criminals with another dimension to 'play' in. It is concerning that millions of people post their sensitive data on websites for all to see without any assurances it will be kept safe. The massive uptake of social networking sites like Facebook is a case in point. Sites like Monster.com are inherently trusted by their users leaving many consumers exposed. Data security needs to step up to combat the 'ethically compromised' e-criminals.

"It is not just consumers that need to be concerned about this latest Trojan. Putting aside Monster.com's reputation, HR managers everywhere will be using Monster to find their new employees, giving the e-criminal a backdoor to the business.

"Government and businesses worldwide are faced with chaotic security environments and it's important to get the upper hand of the increasingly clued up e-criminals. To prevent future cases we need to turn security on its head and, instead of working on our back foot, adopt a positive security model. By adopting the 'known good' strategy the Monster.com breach would not be able to affect business; the malware used in this case, ntos.exe, would simply be denied access onto a network.

"Cyber-crime is a reality and a reactive security policy can no longer be relied upon. Proactive enforcement combined with reactive management of risks allows businesses to gain control."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo