Article name: FTP login credentials at major corporations breached.
By Greg Masters, posted June 29, 2009.
http://www.securecomputing.net.au/News/148759,ftp-login-credentials-at-major-corporations-breached.aspx
"A Trojan was reportedly uncovered that is harvesting FTP login data of major corporations, including the Bank of America, BBC, Amazon, Cisco, Monster.com, Symantec and McAfee". It is a ZBot trojan which is known for capturing keystrokes to obtain login credentials, along with credit card or other sensitive information.
Once a PC was infected, user's stored FTP login credentials were stolen.
The major impacts of this trojan were stolen login credentials for around 68,000 websites. Also some versions of the trojan are capable of getting snapshots of an infected user's system.
Measures that these organisations can take to prevent these threats and attacks in future include warning site users about these problems. Ivan Macalintal, a threat researcher manager at Trend Micro said that traditional antidotes can be used including not clicking on suspicious or solicited links, browse safely and securely using web filtering, update patches and use safe computing practices. These are the main measures which can be taken to prevent any future attacks by the users, other than these i am sure that these major corporations have taken some approaches to stop any future attacks but the artical does not discuss these.
In regards to measures that the University of Ballarat has in place to deal with information security the Network and Infrastructure team have dedicated team that focuses on information security. The ICT security staff has implemented a number of strategies to protect our data, services and systems. Measures that have beeen taken include use of state of the art fire walls, virus and spyware protection, anti-spam software, multi tiered password protection, secure login via Access@UB, secure data storage, security alerts, educating UB students and staff and access to free anti-virus software(sophos).
No comments:
Post a Comment