The True Cost of Phishing Attacks

/in , , /by

It is quite deceiving that something so vicious can be named after a treasured pastime. We love fishing, but this is not your grandfather’s weekend adventure. Phishing is a serious crime and one from which many are unable to recover. Phishing is not going away anytime soon. In fact, it is at an all-time high. We at Alliance Technology Partners want to warn you about the true cost of phishing attacks.

 

Phishing Statistics

According to the APWG Phishing Activity Trends Report, in the 1st quarter of 2014, the number of phishing sites jumped by 10.7 percent compared to the final quarter in 2013. In 2013, the number of brands targeted by criminals was 525 in the 4th quarter, and by the 1st quarter in 2014, that number reached 557. The first quarter of 2014 experienced the second highest number ever recorded in the first quarter since APWG began tracking and publishing the Phishing Activity and Trends Report.

 

Who are the Primary Targets?

Cybercriminals are not picky. They target any and all businesses and the customers who visit their sites, check their emails, and more. According to the same APWG report, at least 32.7 percent of personal computers were infected with some sort of spyware, malware or adware.

In the United States, we are the number one targets for criminals, as the US is the country with the highest number of phishing sites (APWG June 2014). Trojans are the number-one strain of phishing weapons. Trojans make up more 70% of new malware strains and malware infections.

What is it criminals are after and what industries and consumers are affected? The agency reports payment services sites make up 47% of email subjects; 20% are financial service industries, and 20% include retail and service industries. The two common types of attacks are “spear phishing” and “whaling.”

Crimeware is a common malware code that infiltrates financial institutions to steal customer data and financial information. Generic and Data Trojans can be deployed to any company’s network—including yours—to collect all data that goes in and out of the company. If your company is not in the position to protect, detect, and prevent such attacks, the consequences can and will cripple your business and its brand.

 

What is the True Cost?

Wall Street and Tech reports more than 70% of companies report that the lack of security awareness is the number one threat against the company. Let’s be clear: there are more than financial costs on the line; your very operations are in jeopardy. Once a criminal gets into the system or accesses data, the costs soar. An organization can spend as much as $3.7 million per year addressing phishing attacks. Does your company have that kind of dough? Companies that experience data breaches can also lose money in the bank, they may have to pay legal fees and settlements, they may have to replace software and systems, and companies—if they survive—will have to repair their reputations as well. Revenue is lost, trust is lost, customers flee, and word-of-mouth prevents new clients from seeking your services.

 

Don’t’ become a phishing horror story. Talk to the professionals at Alliance Technology Partners about prevention, protection and strategies to combat phishing attacks.

Improvements to Acunetix Web Vulnerability Scanner 10

/in , /by

Technology is quickly changing the way more and more businesses are running. Advancements in browser technology and the spread of cloud computing are making web services and applications the core elements of most companies. These advancements are improving business with better efficiency and productivity, but at the same time opening themselves up to online hackers.

Since more than 70% of websites and applications contain vulnerabilities that can make sensitive data easy to steal, it has been critical that businesses use tools like the Acunetix Web Vulnerability Scanner for security against cyber-crimes. The latests version, Acunetix 10, has been released and contains major upgrades. Below we discuss the ways that Acunetix 10 is even better than the previous versions of the trusted web vulnerability scanner you have come to rely on.

 

Re-Engineered ‘Login Sequence Recorder’ for Acunetix 10 

Experts have re-engineered the ‘Login Sequence Recorder’ from the ground-up, which allows for restricted areas to be entirely scanned automatically, giving you better peace of mind. Generally, restricted areas like user login pages make it harder for a scanner to access them and would need manual direction. The Acunetix 10 ‘Login Sequence Recorder’ has been significantly improved so that it can automatically scan web applications that use an OAuth-based authentication and single Sign-On (SSO). The ‘Login Sequence Recorder’ shows extreme improvements in the support for nonces, anti-CSRF token or one-time tokens that are used in restricted areas.

 

Better WordPress Vulnerability Detection 

Since over 74 million WordPress sites are up and running, all it takes is one vulnerability found in WordPress Core or a plugin to attack millions of individual sites. Acunetix Version 10 now tests for more than 1200 vulnerabilities that are specific to WordPress, based on the most commonly downloaded plugins. It can still retain the ability to detect custom built plugin vulnerabilities, and no other scanner on the market can detect such a high number of possible WordPress weaknesses.

 

Improved Support for A Variety of Web Services and Development Architectures 

Ruby on Rails and Java are what many mission critical, enterprise-grade applications are built on. Acunetix Version 10 has been constructed to crawl and scan web applications built using these technologies with extreme accuracy. Specific improvements are seen for SOAP-based web services with WCF and WSDL descriptions, along with automated scans of RESTful web services that use WADL definitions. Version 10 additionally uses a dynamic crawl pre-seeding via integration of third-party, external tools that include Burp Suite, Fiddler and the Selenium IDE. This enhances Business Logic Testing and the workflow among Automation and Manual Testing.

 

Acunetix 10 Detects Malware and Phishing URLs 

A malware URL detection service ships with Acunetix Version 10, which is used to analyze every external link found during a scan against a database of Malware and Phishing URLs that is constantly updated. This Malware Detection Service uses the Google and Yandex Safe Browsing Database.

 

Contact us today if you have any questions about updating to Acunetix 10! It is the best decision you will make for the online security of your business.

Gartner recognizes Acunetix as a Challenger for Application Security Testing in 2015

/in , , , /by

Gartner recognizes Acunetix as a Challenger

Acunetix Receives 2nd highest product score for Manual Web Penetration Testing in Gartner’s 2015 Critical Capabilities for Application Security Testing Report

Gartner, Inc., the leading provider of research and analysis on the global information technology industry, has recognized Acunetix as a challenger, assigning Acunetix Web Vulnerability Scanner a score of 4.36 out of 5.0 in the Manual Web Penetration Testing Use Case, in Gartner’s most recent Critical Capabilities for Application Security Testing Report.

Read More

 

No More Abuse

/in , , /by

It’s a devastating fact that many women and children in America are victims of violence every day. Whether it is from a parent or spouse, abuse against women and children is still a serious societal concern and it needs to come to an end. The best way to stop this unspeakable cycle of violence is to start by creating an awareness of the issue and move forward with a plan. The city of St. Louis is saying “No More”, and has put together No More Abuse in hopes of ending violence against women and children in their community.

 

About No More Abuse

St. Louis leaders are going to come together on Thursday, September 17, to say “No More” to abuse and violence against women and children. The event is not a fundraiser, and it’s intention is to create awareness of the amount of violence going on in St. Louis. The free community event will be a breakfast open to the public. During the gathering, the area’s best practices will be highlighted with concrete methods to break the silence and put an end to violence in the community. Those in attendance will hear from survivors of such abuse as well as a “voice for change”. Guests will also have the chance to meet with local experts in the area of family violence treatment and prevention.

All of those who attend the free community event will be asked to take personal action in order to allow positive changes to occur. These experiences and acts of prevention will be publicly noted via the No More Abuse website (www.nomoreabuse-stl.org) with hopes to inspire others to make positive changes in behavior.

 

Sponsors of the Event

Safe Connections and the Family Resource Center have partnered up to bring No More Abuse to the world. They have received support from over 70 individual and organizational members, including of the St. Louis Area Council on Child Abuse and Neglect, Family Violence Council, and St. Louis Ending Violence Against Women Network. Co-chairs of the event are Kathy Osborn, the Regional Business Council Executive Director, and the President of the Urban League, Michael McMillan. Molly Higgins, who is the Vice President of Corporate Communication and Civic affairs for the St. Louis Rams is a noted sports sponsor.

 

Sobering Facts About Violence Against Women and Children in the US

According to research, is has been estimated that over 10% of American women are the victims of domestic violence annually. In addition, 3 million children in America are exposed to domestic violence. Studies have shown that children are also at risk of being abused by that violent parent. Sadly, boys who witness domestic violence have a high chance of abusing their own partners once they reach adulthood. Girls who witness domestic abuse generally come to believe that violence at the hands of a male is acceptable and do not adequately protect themselves when their domestic male partner becomes violent, blaming themselves for the abuse.

 

It is time to Break the Silence and End the Violence. Visit www.nomoreabuse-stl.org for information on how you can help or become part of the event.