Advertisment

Risky blogging!

author-image
CIOL Bureau
Updated On
New Update

NEW DELHI: Websense, Inc., the world's leading provider of employee internet management solutions, today announced that blogs are increasingly being exploited as a means to distribute malicious code and keylogging software. To date in 2005, Websense Security Labs has discovered hundreds of instances of blogs involved in the storage and delivery of harmful code.



Websense software provides a layered security approach against web based threats, such as corrupted blogs, that complements traditional network security measures, protecting valuable corporate and employee information from being exposed.



Cyber-criminals are now taking advantage of blog sites that allow users to easily publish their own web pages at no cost. Blogs can be attractive vehicles for hackers for several reasons-blogs offer large amounts of free storage, they do not require any identity authentication to post information, and most blog hosting facilities do not provide antivirus protection for posted files.



In some cases, the culprits create a blog on a legitimate host site, post viral code or keylogging software to the page, and attract traffic to the toxic blog by sending a link through spam email or instant messaging (IM) to a large number of recipients. In other cases, the blog can be used as a storage mechanism, which keeps malicious code that can be accessed by a Trojan horse that has already been hidden on the user's computer.



As cyber-crooks and hackers continue to find more creative ways to deliver their harmful software, a layered security approach at the Internet, network and desktop can protect valuable corporate and employee information. At the Internet gateway and desktop, URLs and applications that are identified as being associated with these new scams or those that are infected with keylogging code are categorized and added to the Websense Master Database. Companies can then set policies to block employees from visiting websites, which contain malicious code, providing a proactive layer of security.



Websense Web Security Suite-Lockdown Edition protects organizations from web based threats that are designed to bypass firewalls and antivirus measures. Organizations are able to stop the execution of unauthorized applications such as spyware, keyloggers or viruses on the employee desktop. The software allows only approved applications to run on corporate PCs and servers through its advanced lockdown features. If an employee follows a link to a blog that infects their machine with malicious code, that code would not be able to execute and propagate itself over the network.



Websense Web Security Suite-Lockdown Edition is available for organizations looking for protection from these new evolving security threats. For a free 30-day evaluation of Websense software or for more information on protecting your organization from a wide range of threats including spyware, peer-to-peer, virus outbreaks and internal hacking exploits, please visit www.websense.com. Websense Security Labs offers free email security updates as new internet threats are discovered and is available at www.websensesecuritylabs.com.

tech-news