The Mykonos Web Application Security BlogStats

In recent news, Fox.com was successfully hacked and compromised. The group Lulz Security have claimed credit for the attack.

As a consequence of the attack on Fox.com, more than 250,000 X-Factor potential contestants may have had their personal information compromised. Additionally, as many as 300 Fox Broadcasting employees have fallen victim. Lulz Security have begun releasing the email and passwords of those employees, and have indicated that they will keep leaking of the compromised data every Monday.

http://gawker.com/5800366/database-of-fox-employees-passwords-and-emails-leaked

A second Sony site was shutdown earlier this week, after the company noticed that it was breached. Sony maintains that this is part of the original April attack.

Regardless of whether the this is something that this is the same attack or not, the consequence is clear. The cost of inadequately secured web apps and sites can be extremely detrimental to companies both from a financial and legal perspective.

Thus far, according to the Wall Street Journal, Sony has disclosed that 77 million accounts have been affected in the original April attack. While in the latest discover breached site in May, another 24.6 million accounts were compromised. This brings the total to 100 million customer accounts. Embarrassment is the least of Sony’s worries as it’s been report that suit is being filed against the company by its customers.

Sony should serve as a lesson to many of the importance of securing one’s website from attacks. As the saying goes, “the best defense is a good offense,” which in our opinion underscores the importance of being able to detect and prevent attacks before it happens and not after.

http://online.wsj.com/article/SB10001424052748704436004576299491191920416.html

“Larry Ponemon, chairman and founder of the Ponemon Institute, said the theft could cost Sony more than $1.5 billion, or an average of $20 for each of the 77 million customers whose data was potentially compromised. Poneman’s firm specializes in securing information on computer networks.”

Read more here

A hacker has claimed to have hacked the website of the European Space Agency.

http://www.theregister.co.uk/2011/04/18/esa_website_hack/

Another day another breach. WordPress may have lost source code from latest attack.

http://www.theregister.co.uk/2011/04/13/wordpress_hack_attack/

An old story with a new life since the court gave a go ahead for a lawsuit to be filed against RockYou for a SQL injection data breach. http://www.theregister.co.uk/2011/04/18/rockyou_data_breach_lawsuit/

The big security show of the year is here. We’re in booth 2151 in the Moscone Center in San Francisco.

We will be demoing our new version of our flagship product – The Mykonos Security Appliance.

Mykonos is the smartest way to secure Websites and Web applications against hackers, fraud and theft. Its next generation Web application firewall detects, tags, tracks and stops hackers in real-time. Unlike legacy signature-based approaches, Mykonos is the first technology that inserts thousands of detection points to proactively identify attackers before they do damage – without any false positives. Mykonos goes beyond the IP address to track the individual attacker, profile their behavior and deploy counter measures. With the Mykonos Security Appliance, administrators are liberated from writing rules, analyzing massive log files or monitoring another console. Mykonos neutralizes threats as they occur, preventing the loss of data and saving companies millions of dollars from fraud or lost revenue.

The new version 2.0 of our product is released. The press release is here.

Key highlights of the new release include:

• XSRF Protection – the introduction of a new security processor intended to eliminate XSRF or “one-click attacks” as an attack vector.
• Enhanced Tagging and Re-Identification – a major update to the proprietary methods of tagging and re-identification of the hacker to improve persistence. Mykonos Security Appliance uniquely tags the hacker with a “security token” which enables re-identification of the hacker and allows companies to safely prevent an attack.
• Breaks Automated Attacks – an enhanced counter-measure that detects bots or other machines running automated scripts. Mykonos CAPTCHA processor prevents bots running automated attacks against sites by breaking the script with a CAPTCHA challenge response.
• Comprehensive Reporting – the new Reporting Management System now enables administrators to share valuable hacker data with internal stakeholders while the security monitor console and GUI has been enhanced to improve the customer experience.
• Increased IT Flexibility – key infrastructure improvements enable the product to work seamlessly within enterprise IT environments. These include SSL configuration to secure internal communication and third-party authentication for access to the product and the ability for devices to connect to multiple V-LANS. For power users, a command line interface is also included.