Industry Research : Imperva Report Examines Dangers In Light Of Military Singles Hack
Imperva, Inc. (NYSE: IMPV), a provider of a new category of data security solutions for high-value business data in the data center, today released its May Hacker Intelligence report Dissecting a Hacktivist Attack, which highlights how hackers exploit user-generated content features of social media websites by deconstructing the recently successful attack on MilitarySingles.com.
"Social networking, user-generated content and PHP-based applications are prevalent on the Web, but this report gives pause to consider how easily sensitive personal information can be accessed through these channels," said Amichai Shulman, CTO, Imperva. "Additionally, the attack on MilitarySingles.com calls into question the need for government and military personnel to have special policies regarding social networking, to prevent their information from being easily accessed and manipulated."
The report includes additional recommendations for social media websites to protect themselves from the dangers associated with user-generated content. Because many social media sites run PHP, a Web development language common to more than 75% of websites, they are vulnerable to Remote and Local File Inclusion attacks, which can be launched from user-generated uploads.
Highlights from Dissecting a Hacktivist Attack include:
How User-Generated Content is an Achilles Heel: Imperva describes how hackers can take advantage of user-generated content to initiate RFI attacks against PHP-based applications and offers advice to improve security.
How Enterprises Can Deploy Stronger Password Protection Techniques: Imperva believes that more than 90% of the MilitarySingles.com passwords were cracked in 9 hours. Imperva offers advice on how to better encrypt passwords to prevent future breaches.
Why Military and Government Employees Need to Interact Differently With Social Networking: Imperva questions whether it is appropriate for military and government employees with links to sensitive information to participate in social networking websites and suggests new public security policies may be required to prevent future breaches.
Today's Tip of the Day - Keys To Technology
More Editorial From Imperva
Published: Friday, May 25, 2012
Genesys® powers 25 billion of the world’s best customer experiences each year. Our success comes from connecting employee and customer conversations on any channel, every day. Over 10,000 companies in...
Doxim is a provider of SaaS-based customer engagement solutions for credit unions, community banks and wealth management firms. Doxim’s Customer Engagement Platform helps financial institutions transf...
|Bright Pattern Inc|
Bright Pattern is an effective cloud contact center software which helps businesses to simplify multichannel service. Bright Pattern’s solution features enterprise-grade architecture that offers n...
Five9 is a provider of cloud software for the enterprise contact center market, bringing the power of the cloud to thousands of customers and facilitating approximately three billion customer interact...