Server security on point – 5 +1 best practices for Linux sysadmins
Boglarka Angalet

Server security on point – 5 +1 best practices for Linux sysadmins

No matter if you’re a Linux security veteran or you’re just about to get your feet wet, you’ll face the same security threats and upcoming attacks forms. Here we come with a security cheat sheet with ultimate checkpoints that no sysadmins should miss. When meeting new company, usually the very first thing I’m asked about is „How should I get rid of hackers? Show me the silver bullet.” But it’s a little bit like asking an economist on „Where to invest my money?”. It depends. To get a grip in the jungle of security recommendations, here I collected some guidelines...
Read more
Which are the most scanned ports?
Eniko Toth

Which are the most scanned ports?

What is a port? Ever since computers are able to run more programs at the same time and can connect to modern networks, ports became important. 3 things are needed for the communication between two machines: IP address of the host Port number Type of protocol (e.g. TCP, UDP) A port number is a 16-bit number between 0 and 65535. There are some specific ports which identify some exact services, e.g. port 80 is used for HTTP communication. Types of ports: Well Known Ports: 0 - 1023 Registered Ports: 1024 - 49151 Dynamic/Private : 49152 - 65535 W...
Read more
Old botnets aren’t harmless - the presence of Cutwail botnet nowadays
Anita Batari

Old botnets aren’t harmless - the presence of Cutwail botnet nowadays

Server operator faces many different types of attacks every day. Brute force, spam, CMS hacks and SQL injections are the most common - and the majority of them are automated botnet attacks. I think none of us can estimate how many servers and PCs are being unprotected against even the most simple botnets. But it’s not necessary to be a victim of an easily defendable attack. But even being careful, one thing you can fail about server security is underestimating the risk of old vulnerabilities and botnets. Thinking they’re doing no harm anymore, since they have been exposed and tracked d...
Read more
Castle Vs Airport Model in security
George Egri

Castle Vs Airport Model in security

Apart from changing the way we live, this virtual connectivity has exposed us to an array of attacks. Cyber risks are a growing concern in virtually every aspect of our lives. The integration of technology into our everyday tasks has paved way for more efficient work performance yet left us vulnerable to many cyber-attacks.  To combat the situation, easy-to-use server security tool was introduced into the equation with BitNinja being one of the top contenders.  With more and more malicious programs and hackers trying to penetrate systems on a daily basis via the use of latest tech...
Read more
Useful facts in cybersecurity landscape
Anita Batari

Useful facts in cybersecurity landscape

Today's post is a little eccentric. Thanks to the Crozdesk's  IT & Security we show you a really good infographic. You can check the past, the present and the future of the cybersecurity and the ITsecurity solutions. Which are the biggest fears? What are we expecting from a cybersecurity software? What kind of tools do you require to prevent attacks? You can find answers here: Which weapons are available in BitNinja? Malware Detection Web Application Firewall Intrusion Prevention System - with our greylist Denial of Service prevention...
Read more
The Next Level of Hacking
Dani Molnár

The Next Level of Hacking

Dani Molnár
In December 2015 and 2016 there were two blackouts in Ukraine that caused hundreds of thousands of Ukrainians to endure the notorious eastern cold winter for a few hours. At first, this wasn’t an alarming event as blackouts can happen anywhere and anytime, but the scale of it made people suspicious about it.  Later it turned out, that both attacks were cyber-attacks coming from Russia. Makes you think of Ian Fleming’s James Bond title “From Russia with Love” am I right? But why is it important? Why can we say that it is a milestone in the world of cyber-terrorism? Hackers can be found...
Read more
New IoT botnet captured by BitNinja
Anita Batari

New IoT botnet captured by BitNinja

We always keep our eyes on the logs, data, and charts. We always see abnormalities and unusual behaviours, we have found botnets before, but our recent catch is one of the biggest. These cases are really hard to handle due to the huge number of affected IPs. On the evening of 14th June, we have seen something strange, the average incident number increased by nearly 200%. But that was just the beginning, later on, there was a period when we received over five times more incidents. After 24 hours, we had four times more data than on an average day. We have captured a new botnet, which attacke...
Read more
The most common attacks against websites
Nikolett Hegedüs

The most common attacks against websites

Nikolett Hegedüs
I’m sure you’ve heard about the recent headlines about the hacked cameras with the system default passwords or how IoT (Internet of Things) devices can serve as botnets in huge DDoS attacks against the most frequently visited websites. One of these kinds of attacks was a DDoS attack against Dyn, the internet infrastructure company responsible for routing internet traffic. It caused outages in multiple large traffic websites like Twitter, Netflix, Reddit, Spotify, and Tumblr. In the case of a worse kind of black Friday, these websites were inaccessible for a couple of hours.   &n...
Read more

Cyber Security Landscape of 2016

Nikoletta Szabo
Since the first emergence of computer viruses and botnets, the number of infected machines is growing day by day. The rapid development of IT not only brought increased comfort to our life, but the vulnerability of our personal data as well.  In parallel with the evolution of technical devices, hackers became more sensible, aggressive and pragmatic each day. How does this phenomenon affect today’s world?   The real threat Well, nowadays the number of infected and compromised servers can be estimated to 45 million. Yes, this number is quite shocking, because the everyday...
Read more

Abdullkarem attack – a hack against sysadmins’ bad practice

George Egri
Mystery is on the horizon, ladies and gentlemen! And we always get excited about unappreciated server attacks. Just like in case of this ‘abdulkarrem’ one. Come, put on the role of Sherlock Holmes with us. Recently, there is a very frequent attack type. More and more sysadmin experience and complain about malicious request like these: GET /wp-includes/css/guide.php?php4&root&upl&wphp4&abdullkarem&GET /wp-includes/css/log.php?php4&root&upl&wphp4&abdullkarem&45GET /wp-admin/includes/iindex.php?php4&root&upl&wphp4&abdullkarem&450799&wp&GET /wp-includes/iindex.php?php4&root&upl&...
Read more