SQL and DDOS attacks remain priority for hackers
Sensitive data increasingly being gleamed from social networks and through the practice of 'E-whoring', notes Imperva.
SQL injection and DDoS attacks are still the main ways in which hackers aim to attack websites.
Nearly one fifth of discussion volume (19 per cent) in a hacker forum comprising of 250,000 members, was dedicated to discussing SQL and DDOS attacks, according to data security firm, Imperva.
SQL injections are currently the top priority for hackers, as security teams and businesses have failed to take precautions to protect themselves, the firm in its Monitoring Hacker Forums report.
Gleaming sensitive information through popular social media networks and the practice of E-whoring are also on the rise.
Facebook and Twitter are the most discussed media platforms in hacker forums taking up 39 per cent and 37 per cent of the discussion time, respectively.
"Facebook and Twitter are on top of that list and with some presence of Myspace and Google + and LinkedIn," Tal Be'ery, web researcher for Imperva, told IT Pro.
"But Facebook and Twitter are at the top because are the most popular [and] therefore the most interesting data can be found there."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
E-whoring, the practice of selling pornographic content, is becoming more popular avenue for hackers who exploit men and women. Hackers typically pretend to be women and tempt victims into paying money for 'E-whoring packages' with the promise of pictures and videos.
Hackers aims to attain street cred' in forums by giving aspiring students tips and tricks. As they start to learn more, students are given topic forum-specific codes so that the experienced hacker does not give out vital information about what they know or who they are.
Be'ery added that through the private network within forums, hackers use private messaging, giving certain people authentication privileges or using instant messaging since creating accounts is easily accessible.
Businesses should use CAPTCHA authentication and monitor browser traffic to make sure they are protected from attacks, he added.