Some ports are used by viruses and legitimate uses Port 6789 is one

Port 6789 according to Speedguide.net the port can be used by a Netsky worm variant, but is also used by the Sun cluster manager.

In fact that is how the worm replicates itself across the Internet, by using the Java software on the cluster manager software (smc-https  or Solaris Management console).

 

Many ports are thus always attempted to be used by viruses and hackers, it is important to continually be vigilant, and cut down on the possibility of hacking attempts.

review your systems with our products (A – Σ – Ω) and protect your computers and network.

Protecting your network is not going to be easy.

New Public Breach at sally Beauty Supply

bankinfosecurity has the information

 

The initial reports were that it was a data breach, but no credit card data was stolen, but 11 days later it looks as many as 25,000 records were exposed and stolen

Sally Beauty Supply operates approximately 500 stores worldwide and had $3.6 billion in sales in 2013.

 

As usual this may take some time to fully develop.  Always check your credit card statements for fraudulent activity.

SQL Injection is a programmatic attack on websites

OWASP  has a great website discussing SQL injection:

The Open web application Security project is an effort to help the programming community in securing their websites

And I will copy a couple of lines from their SQL_Injection_prevention_Cheat_sheet becasue it is important:

  • Option #1: Use of Prepared Statements (Parameterized Queries)
  • Option #2: Use of Stored Procedures
  • Option #3: Escaping all User Supplied Input

 

A Sigma Scan(Σ ) can help uncover any potential SQL injection vulnerabilities

To truly make sure that your site does not have any vulnerabilities, it is a good idea to test and interdependently verify these

XSS = Cross Site Scripting – dangerous website vulnerability

XSS is something every website should be aware of – test for it, because the bad hackers do.

Netsparker  is a good site to explain some of the potential attacks.

The effect of XSS is to use the website to extract information, and even bypass the defenses of the server.

In some cases if the vulnerability is capable it will take control of he machine by creating a shell command line for the hacker.

Once the hacker has a command a shell line on the server, they can copy the password files, and then the hack goes to the next level of attack.

It goes on from there – until the hacker gets full control. Whatever you have is the hackers.