5 signs your Web app has been hacked

Computerworld Security: Issues and Trends: November 04, 2015
===============================================================

5 signs your Web app has been hacked

Website defacements? Database dumps? Mysterious files? Here's how to tell if
your Web application has been hacked -- and how to secure it once and for all.
http://cwonline.computerworld.com/t/9340133/823929840/770410/17/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=366a1e02

~~~~~~~~~~~~~~~~~~~WHITE PAPER: DocuSign~~~~~~~~~~~~~~~~~~~~~

Business at the Speed of Paper

HR thought leaders are addressing goals to attract and retain the right talent
by making sure key functions like hiring, on boarding, and benefits enrollment
are streamlined and paper-free.

http://cwonline.computerworld.com/t/9340133/823929840/770411/18/?3e076d18=am9uc2FuOThAZ21haWwuY29t&x=e256ba1d

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


IN THIS ISSUE

1. Hackers infect MySQL servers with malware for DDoS attacks
http://cwonline.computerworld.com/t/9340133/823929840/770412/19/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=64eb8888

2. Many U.S. enterprises still run XcodeGhost-infected Apple apps
http://cwonline.computerworld.com/t/9340133/823929840/770413/20/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=1e4b47ed

3. Windows users often forget about patching their Apple programs
http://cwonline.computerworld.com/t/9340133/823929840/770414/21/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=b2668198

4. The rise of the hacker next door or across the world: Your customers get it. How about your CEO?
http://cwonline.computerworld.com/t/9340133/823929840/770415/28/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=c653cae2

5. All CoinVault and Bitcryptor ransomware victims can now recover their files for free
http://cwonline.computerworld.com/t/9340133/823929840/770416/29/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=325d2f81

6. Google researchers poke holes in Galaxy S6 Edge, show OEMs add risky code
http://cwonline.computerworld.com/t/9340133/823929840/770417/30/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=5d654a2e

7. CISA won't do a lot to turn threat intelligence into action
http://cwonline.computerworld.com/t/9340133/823929840/770418/31/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=fe31048c

8. Irari Report: ISIS using U.S. hosting services to avoid intelligence agencies
http://cwonline.computerworld.com/t/9340133/823929840/770419/32/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=558be7e4

9. Is your information security program giving you static?
http://cwonline.computerworld.com/t/9340133/823929840/770420/33/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=4bd33fd7

10. Fujitsu turns to biometrics for data encryption
http://cwonline.computerworld.com/t/9340133/823929840/770421/34/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=55dcd392

11. Don't overdo with biometrics, expert warns
http://cwonline.computerworld.com/t/9340133/823929840/770422/35/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=1c2a5d81

12. Strengthen network security with Passive DNS
http://cwonline.computerworld.com/t/9340133/823929840/770423/36/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=8888b933

13. Intel Security to discontinue McAfee SaaS products
http://cwonline.computerworld.com/t/9340133/823929840/770424/37/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=f2a9c76c

14. Social engineering: Employees could be your weakest link
http://cwonline.computerworld.com/t/9340133/823929840/770425/38/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=09399734

15. Mozilla mulls early cutoff for SHA-1 digital certificates
http://cwonline.computerworld.com/t/9340133/823929840/770426/39/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=a4014942

16. Board getting more involved in cybersecurity, but is it enough?
http://cwonline.computerworld.com/t/9340133/823929840/770427/40/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=743a41c5

17. New identity alliance formed -- useful or just marketing spin?
http://cwonline.computerworld.com/t/9340133/823929840/770428/41/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=dbc375c5


~~~~~~~~~~~~~~~~~~~WHITE PAPER: Teradata~~~~~~~~~~~~~~~~~~~~~

A New Strategic Approach to Data and Analytics

Many confuse the adoption of big data technology with creating a coherent big
data strategy and in the process are creating "big data debt". Learn the
concepts and guidelines that remedy that debt and increases your long-term
results by taking a new data and analytics centric approach.

http://cwonline.computerworld.com/t/9340133/823929840/770429/42/?3e076d18=am9uc2FuOThAZ21haWwuY29t&x=d6753c00

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hackers infect MySQL servers with malware for DDoS attacks

Hackers infect MySQL database servers with a malware program that's used to
launch distributed denial-of-service (DDoS) attacks.
http://cwonline.computerworld.com/t/9340133/823929840/770412/43/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=b1e20ac7

Many U.S. enterprises still run XcodeGhost-infected Apple apps

Dozens of U.S. enterprises are still using Apple mobile apps seeded with
malware, a clever hacking scheme revealed last month known as XcodeGhost.
http://cwonline.computerworld.com/t/9340133/823929840/770413/44/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=de00c574

Windows users often forget about patching their Apple programs

A survey of applications installed on Windows computers found many people don't
run up-to-date versions of Apple programs.
http://cwonline.computerworld.com/t/9340133/823929840/770414/45/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=177bf258

The rise of the hacker next door or across the world: Your customers get it. How about your CEO?

Crisis-level security breaches frighten consumers and IT professionals alike,
but that's no guarantee for funding to strengthen database defense forces, a
task on which your job increasingly depends. Build your case by driving home the
link between this critical investment and your organization's image as a
uniquely trustworthy, skilled innovator. From the IDG Contributor Network.
http://cwonline.computerworld.com/t/9340133/823929840/770415/46/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=29aadb66

All CoinVault and Bitcryptor ransomware victims can now recover their files for free

Researchers from Kaspersky Lab and the Dutch Public Prosecution Service have
obtained the last set of encryption keys from command-and-control servers that
were used by CoinVault and Bitcryptor, two related ransomware threats.
http://cwonline.computerworld.com/t/9340133/823929840/770416/47/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=fdcd4867

Google researchers poke holes in Galaxy S6 Edge, show OEMs add risky code

Google's security researchers found 11 serious vulnerabilities in Samsung's
Galaxy S6 Edge phone in code that was added by the manufacturer.
http://cwonline.computerworld.com/t/9340133/823929840/770417/48/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=3cd8686a

CISA won't do a lot to turn threat intelligence into action

With the Cybersecurity Information Sharing Act (CISA) the feds are trying to
make it more attractive to share threat intelligence, but it won't do much to
help businesses deal with the high cost of sorting through what can be an
overwhelming flow of possible security incidents.
http://cwonline.computerworld.com/t/9340133/823929840/770418/49/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=2bdd52cc

Irari Report: ISIS using U.S. hosting services to avoid intelligence agencies

In the first segment of The Irari Report interview with WauchulaGhost, leader of
the hacktivist group GhostSec, which has been taking down ISIS operations and
actually credited with stopping terrorist attacks, Ira Winkler and Araceli Treu
Gomes learn that ISIS has purposefully been using Google and Amazon Web Services
to avoid U.S. and international intelligence agencies.
http://cwonline.computerworld.com/t/9340133/823929840/770419/50/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=8fc68d2a

~~~~~~~~~~~~~~~~~~~WEBCAST: Coresite~~~~~~~~~~~~~~~~~~~~~

Data Center Virtual Tour

Take a sneak peek inside a multi-tenant data center today, and hear from
CoreSite's executive team.

http://cwonline.computerworld.com/t/9340133/823929840/770430/51/?3e076d18=am9uc2FuOThAZ21haWwuY29t&x=3b342564

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Is your information security program giving you static?

Unfortunately, the bad actors in the information security world have far more
time to spend breaking into our systems than we have to protect them. This
creates a constantly changing threat landscape. A static approach to protecting
systems is not able to keep up with evolving threats. To be successful, we must
move to a dynamic approach to protecting systems and networks. From the IDG
Contributor Network.
http://cwonline.computerworld.com/t/9340133/823929840/770420/52/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=1da7e0e8

Fujitsu turns to biometrics for data encryption

Fujitsu says it has developed software that uses biometric data directly as the
basis for encryption and decryption of data, simplifying and strengthening
security systems that rely on biometrics such as fingerprints, retina scans and
palm vein scans.
http://cwonline.computerworld.com/t/9340133/823929840/770421/53/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=48e960ff

Don't overdo with biometrics, expert warns

Biometric data such as fingerprint scans is being collected too widely and too
casually, according to security company Protegrity USA.
http://cwonline.computerworld.com/t/9340133/823929840/770422/54/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=8ae02785

Strengthen network security with Passive DNS

Collecting and analyzing Passive DNS data can help identify malicious sites and
combat phishing and malware; here's how to get started.
http://cwonline.computerworld.com/t/9340133/823929840/770423/55/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=09fcc027

Intel Security to discontinue McAfee SaaS products

Some products will be replaced, but admins will need to start over for setup and
configuration.
http://cwonline.computerworld.com/t/9340133/823929840/770424/56/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=3f325c5b

Social engineering: Employees could be your weakest link

Business leaders should be aware of the risks that social engineering can pose
to their operations, reputation and customers.
http://cwonline.computerworld.com/t/9340133/823929840/770425/57/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=46c57bbd

Mozilla mulls early cutoff for SHA-1 digital certificates

Mozilla is considering banning digital certificates signed with the SHA-1
algorithm in July 2016.
http://cwonline.computerworld.com/t/9340133/823929840/770426/58/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=952f5b03

Board getting more involved in cybersecurity, but is it enough?

Despite operating in a state of hyper-vigilance regarding cybersecurity threats,
board participation in such planning is at only 45%, according to 10,000
executives surveyed by PwC.
http://cwonline.computerworld.com/t/9340133/823929840/770427/59/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=059f1c52

New identity alliance formed -- useful or just marketing spin?

New initiatives in the technology space seem to happen almost on a daily basis.
Is today's example useful for customers or just a marketing ploy? From the IDG
Contributor Network.
http://cwonline.computerworld.com/t/9340133/823929840/770428/60/?c1e998ea=Y29tcHV0ZXJ3b3JsZF9zZWN1cml0eV9pc3N1ZXM%3d&03f17c32=NzlhODIzMDVmY2VlNWFkNTY3MTYwODNmMjg1ZjI4NDk%3d&x=d76182cc



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Peruse our library of free digital magazines!
Choose from a collection of smartly designed digital magazines, which include
our most popular departments -- News Analysis, Features, Opinions and Shark Tank
-- all free for download with registration.
These digital magazines also feature Computerworld signature packages, including
our IT Careers 2015 Special Report, with the latest on hot skills and hiring
trends, and our Forecast 2015 report, with unique insights into the IT budgets,
project priorities and staffing strategies of top IT leaders.
View them all at http://cwonline.computerworld.com/t/9340133/823929840/724679/61/


Computerworld's 2016 IT Salary Survey: How does your salary compare with your IT
peers? Computerworld's 30th Annual Salary Survey will feature the latest IT
salary trends and advice on where to find the best-paying jobs. This year's
survey participants can enter a drawing to win 1 of 3 American Express gift
cheques for $500 each! The drawing is open to legal U.S. residents, age 18 or
older. Take our annual IT Salary Survey today!
http://cwonline.computerworld.com/t/9340133/823929840/754544/62/

Read about the 6 traits of rising IT stars
Check out our October Digital Magazine, featuring a look at some of IT's rising
stars. What qualities put IT pros on the fast track to the top? These five
up-and-coming execs (and their bosses) offer advice on ways to hone your own
leadership skills. The magazine also includes News Analysis, Opinions and Shark
Tank -- all free for download with registration.
View the magazine at
http://cwonline.computerworld.com/t/9340133/823929840/763910/63/

Special Report: Computerworld's 100 Best Places to Work in IT for 2015
In this edition of Computerworld's July Digital Magazine: Our 22nd annual report
on the top organizations across the country that offer technology pros
challenging projects, robust salaries and flexible work/life options.
http://cwonline.computerworld.com/t/9340133/823929840/741285/64/

Free Shark Tank T-shirt

Clueless Consultants? Bungling Bosses? Useless Users? Tell me your tale. If it
gets published, you get a sharp Shark shirt.

Submissions
mailto:sharky@computerworld.com

Shark Tank FAQ
http://cwonline.computerworld.com/t/9340133/823929840/641183/65/


Internet of Things: Get the latest news!

Our bimonthly Internet of Things newsletter helps you keep pace with the rapidly
evolving technologies, trends and developments related to the Internet of Things
(IoT).

Subscribe now and stay up to date!

http://cwonline.computerworld.com/t/9340133/823929840/689330/66/

Subscribe to Computerworld Daily News

Sign up for our popular, twice-daily tech news newsletter. You'll get
Computerworld's up-to-the-minute top stories of the day, both first thing in the
morning and late in the afternoon (ET). We deliver breaking news on topics like
the latest security threats and the newest mobile devices, in-depth features
about enterprise technologies and IT careers, and authoritative analyses of
moves made by tech companies like Google, Microsoft, Apple, IBM and HP.

Sign up now: http://cwonline.computerworld.com/t/9340133/823929840/689330/67/

Computerworld Job Board

Search multiple listings now and get new job alerts as they are posted.

http://cwonline.computerworld.com/t/9340133/823929840/156832/68/


Get more IT peer perspective online:

LinkedIn Group: http://cwonline.computerworld.com/t/9340133/823929840/311619/69/

Facebook: http://cwonline.computerworld.com/t/9340133/823929840/311620/70/

Twitter: http://cwonline.computerworld.com/t/9340133/823929840/311621/130/

===============================================================

CONTACTS/SUBSCRIPTIONS

You are currently subscribed to computerworld_security_issues as: jonsan98@gmail.com.

To unsubscribe from this newsletter, go to:
http://cwonline.computerworld.com/t/9340133/823929840/131135/131/?90482085=aHR0cDovL2N3b25saW5lLmNvbXB1dGVyd29ybGQuY29tL3U%2faWQ9ODIzOTI5ODQwLjIzMzZmYjBlZWQ5NTcxOTgwMmJhOTZmMjZlZWI0MTllJm49VCZsPWNvbXB1dGVyd29ybGRfc2VjdXJpdHlfaXNzdWVzJm89OTM0MDEzMw%3d%3d&x=fee14cca

To manage your subscription preferences, go to:
http://cwonline.computerworld.com/t/9340133/823929840/689329/132/

To subscribe to a newsletter, go to:
http://cwonline.computerworld.com/t/9340133/823929840/689329/133/

When accessing content promoted in this email, you are providing consent for
your information to be shared with the sponsors of the content. Please see our
Privacy Policy for more information.

Computerworld's online privacy policy is at:
http://cwonline.computerworld.com/t/9340133/823929840/689331/134/

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Computerworld, please send an e-mail to online@computerworld.com.

Copyright (C) 2015 Computerworld, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly,
send an e-mail to online@computerworld.com **