p2pnet - rss feed: StopBadware 2007 report
p2pnet news | Security:- The current state of badware on the internet is bad, but it could be worse, says a new report.
Most of the sites reported in 2007 were normally benign sites which had been compromised, “and turned into distributors of badware without the knowledge or permission of the website’s owner,” says StopBadware.org.
But drive-by downloads and website hacking waiting to strike the unwary, adding a “scary new element to the badware problemm” says Trends in Badware 2007, going on: “It’s no longer possible for a conscientious user to protect herself simply by staying away from the internet’s more questionable areas like software piracy, pornography, drugs, and gambling.”
Any website, no matter how trusted - even Santa’s - can be compromised and made to infect users who simply visit a web page.
Relatively inexpensive hosting for their personal sites is becoming popular and many small site owners don’t have the knowledge necessary to keep their own sites secure, relying on their hosting provider for everything from security to site design using provided templates.
“At the same time, the shared hosting providers that host the majority of small websites may compromise on security in order to be able to offer hosting at the competitive prices consumers have come to expect,” says StopBadware.
However, it continues, the tide may slowly be turning with more and mid-tier hosting providers becoming aware of the new hacking risks to their customers,
“Many of the website owners StopBadware has spoken with have expressed a willingness to pay a little more in hosting costs for the peace of mind of knowing their site is safer,” says the organization.
So-called social sites can also be a danger, but there are a few questions people can ask themselves, such as:
- Is this message, invitation, or attachment from someone you don’t know?
- If it is from someone you know, was the message, invitation or attachment unexpected?
- Does the profile try to lure you away to another site or “deal” that seems too good to be true?
- Is the user profile brand new with very few friends or not much personalization?
- Do the images on the profile appear to be too polished or glamorous to be real?
- Does the profile contain images in places where you’d expect to see text?
- Is some of the language of the message or profile incomprehensible?
But the StopBadware report ends on a happier note.
“The current state of badware on the internet is troubling, but not without hope,” it states. “In the past few years, badware grew from a somewhat fringe threat that primarily affected users who weren’t doing enough to protect themselves, to a menace that can lurk on even the most innocent-seeming website.
“Internet users no longer need to be persuaded to visit a malicious website or to download a questionable application; infection can now be as simple as a visit to a normally trusted site.”
The best defense is to update your software as quickly as possible whenever new patches are announced, whether it’s for your web browser, your website’s content management system, or your computer’s anti-virus and anti-spyware protection software, says the organisation.
Use free p2pnet newsfeeds for your site. It’s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile - http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for the download, and here for details. Click here or here to learn how to by-pass censorship in your area.
