Recommended Product
Network Security Audit Software
Network Security Audit Software and Computer Security Tools
  Learn More
 
 
  Network Security Software
Network Bandwidth Monitor

Network Bandwidth Monitor
NBMonitor displays real-time details about your network connections & bandwidth usage.

   
Network Access Monitoring

Network Access Monitoring
ShareAlarmPro monitors network access to shared folders and resources.

   
Product Key Finder
Product Key Finder

Product Key Explorer retrieves over 800 software product keys from network computers.
   
Network Shares Monitoring

Network Share Watcher
Monitors network folders permissions and identify shares which are violating company data access policy.

 
 

Network Security News

Cache Of Stolen FTP Credentials Discovered

September 17, 2010

Security researchers recently stumbled upon a malicious website that housed a cache of stolen FTP credentials. The malicious domain, discovered last week by researchers at network security and management firm Blue Coat, housed a set of sensitive files, two of which contained a total of nearly 100,000 login and password combinations for a mixed batch of domains.

Another file contained 1,905 login and password combinations for the Servage.net domain, a provider that hosts more than 185,000 websites. And, a fourth file contained 197 credentials for a set of sites on the Russian narod.ru domain and several other Russian, Polish and Ukrainian web hosts.

Most of the logins - presumably used by webmasters - had "reasonably strong" passwords, Chris Larsen, a security researcher at Blue Coat, wrote in a blog post. One password in particular was a 39-character German phrase with a few numbers mixed in. Other passwords, however, were not as complex.

"Sadly, there were still quite a few ‘dictionary word' passwords and ‘simple numeric' passwords and other easily guessed ones, but these were a clear minority," Larsen wrote.

Late last year an analysis of 32 million passwords obtained by a hacker who broke into the database of social networking application provider RockYou.com, revealed that the most commonly used password on the site was ‘123456.'

Stumbling on a booty of stolen credentials can be frustrating for researchers because there is not much they can do to notify those whose passwords have been stolen, Larsen said. The discovery, however, does provide an opportunity to remind webmasters that their FTP credentials should be protected and treated with as much care as banking credentials.

"Try to only use them from computers that are known to be secure," he wrote. "The bad guys want your login."

Besides the stolen credentials, researchers also discovered several known malicious executable files and an encrypted payload disguised as a GIF.

View more news

 
  Most Popular
. Computer Security

. Ethical Hacking

. Windows 7: the untold story of how the enterprise gets snubbed

. Open source identity: Linux founder Linus Torvalds

. FAQ: How to protect your PC against the Downadup worm

. Brocade's new CTO takes aim at Cisco

. Heartland tries to rally industry in wake of data breach

. IBM confirms layoffs

. Apple puts iPhone Nano and Netbook rumors to rest

. Microsoft 'can't imagine' PS3 catching up to Xbox 360
 
 
  Popular Searches
 
 
 

 

Sponsored Links
Network Security Auditor
Nsauditor is a complete networking utilities package that includes more than 45 network tools and utilities for network auditing, scanning,network connections monitoring and more. For more information, please visit:
www.nsauditor.com


Password Recovery Software
SpotAuditor is All-in-one password recovery program that offers administrators and users a comprehensive solution for recovering passwords and other critical business information saved in users' computers. For more information, please visit:
www.password-recovery-software.com

BlueAuditor - Monitor YourBluetooth Network
BlueAuditor detects and monitors Bluetooth devices in a wireless network and allows network administrators to audit wireless networks against security vulnerabilities associated with the use of Bluetooth devices. For more information, please visit:
nsauditor.com/bluetooth_network_scanner.html