Newsletter For the week of February 11, 2009

Web Threats Weekly

Web and Network Security About Protecting Brand and Reputation

A critical aim of protecting your business from online threats and ID thieves is ensuring your brand and reputation don't get dragged through the mud.

This week, we talked with online retailer TSS Radio's co-founder Sean Harper about the threat he and business people like him are facing, and what they can do to deal with the challenge. 

"As an e-commerce business, there is a significant danger to people shopping on our site," Harper says. "We have over 200,000 customers. If people thought our data was compromised, it would be a huge problem."

TSS Radio has outsourced much of their security infrastructure to security companies and vendors that can provide better security for their server and other network components than they can get in-house, Harper adds. "We do a few other things on our own to protect our customers' information, such as never allowing customer information to be written down or printed out."

Businesses also need procedures in place for if customers believe there has been a compromise before accusations start spreading, Harper notes. If customers see credit card purchases they haven't made on their statement and if they think the TSS Radio site is what compromised their information, he says it's important to have trained people in your organization who know how to show them and prove to them that it couldn't have happened through their business.

Keeping on top of security is a never-ending challenge, Harper notes. "When it comes to IT security threats, our tools are better than they were a few years ago, but it's like an arms race: the bad guys have their own tools, too."

Learn How To Protect Your Business Online at Vancouver Board of Trade Managers' Toolbox Presentation

PCIS would also like to invite you to the upcoming Vancouver Board of Trade Managers’ Toolbox session, Online Protection: How to secure your business and build consumer trustIt's happening on Tuesday, March 10. 

At this session, PCIS President Vaclav Vincalek will provide essential tips and practical steps you can take to protect your business and customers online. 

Register for the session at the Vancouver Board of Trade website.

Help Beat The Hackers In 2009. Here's How You Can Help

 Let us know about how your organization is helping keep your website visitors safe and your online safety tips could be featured in the next Web Threats Weekly!

PCIS is producing webinars in 2009 to help organizations better understand how to identify and prevent web vulnerabilities. If there's a topic you'd like us to address in our webinars, please let us know and we can put it into our webinar series.

Call us if your organization needs help understanding how to close off vulnerabilities to SQL injection and other hacker threats.

Beat the hackers in 2009. Contact PCIS.

Resources Links:

February 11, 2009

Web Threats Weekly is distributed by:

*Pacific Coast Information Systems Ltd.

* Boonbox, a division of PCIS

Contact PCIS

Toll-free 1.877.744.7558

In this issue:

* Web and Network Security About Protecting Brand and Reputation

* Help Beat The Hackers in 2009. Here's How You Can Help

* Learn How To Protect Your Business Online at Vancouver Board of Trade Managers' Toolbox Presentation

* Hacker Bait 

* Mythbusters Tip #12

* Spam-Alot

Web Threats Weekly helps organizations protect themselves and their customers from known online threats. 

Contact Boonbox

Name
*
Company
*
Phone
*
Email
*
How can we help?
Please tell us how you found out about PCIS


"Submit Inqiry"

 

Hacker Bait

The latest Hacker Bait list contains websites of business, personal sites and even a few security-focused organizations that have been found to have vulnerabilities that hackers and cyber criminals could exploit. 

This is not a complete list of all vulnerable sites on the Internet, but only represents websites where vulnerabilities were found within the past 90 days.

These are only the latest additions to an ever-growing club of sites found to be insecure according to various public sources and online tools used in the web security industry.

If you would like more information on our data and why these sites are listed here, please contact PCIS

Hacker Bait Sites With Vulnerabilities Discovered in Past 90 Days

secure.servage.net

secure.ubi.com

secure-disneyland.disney.go.com

usa.kapersky.com

bitdefender.pt

webs.com

cinefun4all.info

mixedsoft.blogspot.com

atelierpulver.ch

media-ad.info

group.hugoboss.com

globe.logicsofts.com

logicsofts.com

buysupplements.co.uk

deansplanet.com

fanboxnotes.com

kino.to

winzix.com

tradesunited.com

cozavurop.com

Mythbusters Tip #12

“Our developers already built security into our website. We're covered.”

Not necessarily. Most website programmers are self-taught or learned their skills on the job. A recent Evans Data Corporation survey showed just 2.4 per cent of web developers have vendor certification.

Web developers who learned their skills outside the classroom may not even be aware of good security practices, much less be able to implement them comprehensively for an organization.

Businesses need the right combination of technology tools, proven methodology, and especially, trained web security expertise, to ensure web security.

Mythbusters Myths 1 to 11

Spam-Alot

Spammers are linking to blogs, profiles and other pages on these trusted sites to give victims a false sense of security that the links can be followed safely. These sites may not have been hacked, but following the spam links to these sites and clicking on links shown there can result in harm to your computer.

If you would like more information on our data and why these sites are listed here, please contact PCIS

Spam-Alot Websites Exploited Since Feb. 5, 2009

chicagotribune.com

modestclothing.com

adrespatent.com

comcast.net

verizon.net

supermarketguru.com

Boonbox and Pacific Coast Information Systems Ltd.

Boonbox is a division of Pacific Coast Information Systems Ltd., specializing in products for web security, network security, password management and data backup.

PCIS is a Vancouver-based company which provides strategic consulting, application development, technology solutions and managed services to companies and government organizations throughout North America.

HOW TO SUBSCRIBE/UNSUBSCRIBE

SUBSCRIBE: To subscribe to Web Threats Weekly, send a blank email message with subject line "SUBSCRIBE" to informer@pcis.com

UNSUBSCRIBE: If you do not wish to receive future issues of Web Threats Weekly, send a blank email with subject line "UNSUBSCRIBE" to:informer@pcis.com and we will promptly remove you from our distribution list.

WE WANT YOUR FEEDBACK

Our purpose for providing this free service is to keep our clients and business contacts informed of technology developments. This information can help them resolve common problems and achieve their full potential by strengthening their business processes and infrastructure. Your input is important to us and we welcome your ideas for new features and how we can continue to improve our service to you. Send your comments and suggestions to informer@pcis.com or contact us directly at 604.844.7558