This Week in Exploits: An Overview of SiteLock Research Efforts

As SiteLock continues to innovate and push the boundaries of web site protection, we’ve invested in and grown our research team to provide new capabilities and content for customers and the security community at large.

This week, we will discuss what the SiteLock Research Team is, the team’s mission, and provide an overview of the team’s emerging efforts, as well as where to find and how to interact with the team.

The SiteLock Research Team (SiRT), located at our Scottsdale offices, is a team of experienced developers and security analysts with years of industry experience and hours upon hours spent wading through the sea of malware that SiteLock mitigates. The team currently focuses on malware analysis, signature creation, training, and tool creation. Automating malware cleans, improving malware detection, and automating decoding are all improvements the team has accomplished.

The mission of the Research Team is to provide SiteLock customers and the security community with security-significant alerts, information, and trends, responsibly disclosed, about the latest developments in vulnerabilities and exploitation.

The new push of the Research Team is two-fold: First, contribute to the WordPress community by analyzing plugins and themes for unknown vulnerabilities, along with the creation of timely WordPress-specific security content. Our WordPress vulnerability research will use the SiteLock TrueCode static analysis tool to help root out difficult-to-find vulnerabilities. The use of security industry and custom tools will provide POCs for developers and the community. The new WordPress security information push will include the new vulnerability research as well as the latest in WordPress news and developments, much of which will come from SiteLock’s unprecedented window into the world of WordPress malware trends.

The second component of SiRT’s emerging research efforts is to expand research to other platforms – Joomla, Drupal, Magento – and focus information dissemination in the most efficient and responsible manner possible.

How can you find this information and interact with the Research Team? is the first stop for the latest web security developments and is where SiRT will publish new, responsibly-disclosed vulnerabilities. Also, for Twitter fans, follow @SiteLockSecure and @sitelockweston for updates.

You can interact with the Research Team on the SiteLock blog by sharing stories, sharing and replying to tweets, and contacting SiteLock directly at support [at] sitelock [dot] com. Again, stay tuned to The SiteLock Blog for information regarding the launch of new SiteLock research content.

This Week in Exploits: Phishing Attacks and How to Counter Them

In this week’s post, we take a look at “in-the-wild” phishing attacks and how to counter them. Protecting yourself from phishing and malware attacks is not only important, it’s a fundamental Internet survival skill, made even more essential if you have a web presence you depend on. A compromised workstation could lead to compromised credentials, ultimately leading to complete control of your website by bad actors. We don’t want that.

Attack 1

The first attack is an unsolicited email sent to a generic enterprise email address. The attacker attached a zip file which, when decompressed, contained a single .shtml file, Kyle_Hanna_resume.shtml.

Gee, thanks, Kyle

The .shtml file contained an iframe that loaded PHP from a legitimate site registered in 2009. Legitimate, but compromised. Malicious PHP on the compromised site, loaded from the iframe, downloaded a file stored on Google Drive, my_resume.scr.


The iframe and file download

.scr files are executable, and this file’s icon was changed to look like a PDF file ready for viewing. This is probably enough to fool more than a few users, especially with the Windows feature ‘Hide extensions for known file types’ turned on by default.

PDF it is not.


At the time of the attack, VirusTotal had a detection ratio of 7/55. Malicious, yes, but a low detection rate at the time. (Detection is 42/57 now.) The file was a version of ransomware, like Cryptowall or Cryptodefense, which encrypts a user’s files and the files on mounted network drives, demanding money to decrypt them.
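
The delivery chain in Attack 1 can be caught at the mail gateway before a user ever opens the archive. The following is an added example, not SiteLock's own tooling: it inspects a zip attachment and flags members that are executable (.scr), that carry active markup (.shtml), or that embed an iframe. The extension lists, the double-extension check (a generalization beyond the my_resume.scr case) and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed policy lists for this example; tune them to your own mail gateway.
EXECUTABLE_EXTS = {".scr", ".exe", ".com", ".pif", ".bat", ".cmd",
                   ".js", ".vbs", ".wsf", ".hta", ".lnk"}
ACTIVE_MARKUP_EXTS = {".shtml", ".html", ".htm", ".svg"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
HEAD_BYTES = 64 * 1024  # only the start of each member is decompressed


def classify_member(name, head):
    """Return a list of findings for one archive member (name + first bytes)."""
    findings = []
    suffixes = [s.lower() for s in PurePosixPath(name.replace("\\", "/")).suffixes]
    ext = suffixes[-1] if suffixes else ""
    if ext in EXECUTABLE_EXTS:
        findings.append("executable-extension")
        # "report.pdf.scr" is displayed as "report.pdf" when Windows hides
        # extensions for known file types.
        if len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTS:
            findings.append("double-extension")
    elif ext in ACTIVE_MARKUP_EXTS:
        findings.append("active-markup")
        if b"<iframe" in head.lower():
            findings.append("iframe-in-attachment")
    return findings


def triage_zip(blob):
    """Map member name -> findings for every suspicious file in a zip attachment."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            head = b""
            encrypted = bool(info.flag_bits & 0x1)  # content cannot be inspected
            if not encrypted:
                with zf.open(info) as fh:
                    head = fh.read(HEAD_BYTES)  # bounded read, avoids zip bombs
            findings = classify_member(info.filename, head)
            if encrypted:
                findings.append("encrypted-member")
            if findings:
                report[info.filename] = findings
    return report


def build_sample_zip():
    """Constructed sample shaped like the attachment described in Attack 1."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(
            "Kyle_Hanna_resume.shtml",
            '<html><body><IFRAME SRC="http://compromised.example/r.php">'
            "</IFRAME></body></html>",
        )
    return buf.getvalue()


if __name__ == "__main__":
    print(triage_zip(build_sample_zip()))
    print(classify_member("my_resume.scr", b"MZ"))
```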

Attack 2

Often malware attacks are multi-functional, like our next example. Starting again with an unsolicited email and attachment, the attack vector was an actual PDF (p.o document.pdf), which directed the viewer to malicious code at another legitimate, compromised domain.

Once directed to the compromised page, a data URI generated a phishing page that prompted the victim for email credentials to view the ‘protected’ PDF.


Data URI and phishing page

The data URI also generated VBScript which attempts to write malware to a file called svchost.exe and run it.

Malicious VBScript

The malicious PDF had a detection ratio of 0/56 on VirusTotal at the time of the attack. Knowing that antivirus would not have caught the malware is something to note. You are the first step in protecting yourself from phishing and malware attacks. Technology alone is not enough to protect you.
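
Because the phishing page and the VBScript in Attack 2 were both generated from a data URI, the content never appears as plain markup in the page source. The following added example (not code from the original post) decodes every data URI found in a page and flags decoded HTML that contains a password field, VBScript, or a reference to an .exe file. The indicator patterns and the sample page are constructed for illustration; the sample script body is an inert comment.

```python
import base64
import binascii
import re
from urllib.parse import unquote_to_bytes

DATA_URI_RE = re.compile(r"data:(?P<meta>[^,\"'\s<>]*),(?P<body>[^\"'\s<>]+)", re.I)
# Media types a browser renders as active content (assumed list).
ACTIVE_TYPES = {"text/html", "application/xhtml+xml", "image/svg+xml"}
INDICATORS = [
    ("credential-form", re.compile(rb"<input[^>]*type\s*=\s*[\"']?password", re.I)),
    ("vbscript", re.compile(rb"<script[^>]*vbscript|vbscript:", re.I)),
    ("exe-reference", re.compile(rb"[\w-]+\.exe\b", re.I)),
]


def decode_data_uri(meta, body):
    """Return (media_type, payload_bytes); payload is None if undecodable."""
    params = [p.strip().lower() for p in meta.split(";")]
    media_type = params[0] or "text/plain"
    raw = unquote_to_bytes(body)  # bodies may be percent-encoded
    if "base64" in params[1:]:
        raw += b"=" * (-len(raw) % 4)  # tolerate stripped padding
        try:
            raw = base64.b64decode(raw)
        except (binascii.Error, ValueError):
            return media_type, None
    return media_type, raw


def inspect_page(source):
    """List data URIs whose decoded content matches a phishing/dropper indicator."""
    findings = []
    for m in DATA_URI_RE.finditer(source):
        media_type, payload = decode_data_uri(m.group("meta"), m.group("body"))
        if payload is None or media_type not in ACTIVE_TYPES:
            continue
        hits = [name for name, rx in INDICATORS if rx.search(payload)]
        if hits:
            findings.append(
                {"offset": m.start(), "media_type": media_type, "indicators": hits}
            )
    return findings


def build_sample_page():
    """Constructed page: one harmless image data URI, one encoded login form."""
    inner = (
        '<html><body><form><input type="email" name="u">'
        '<input type="password" name="p"></form>'
        '<script language="VBScript">REM constructed stub mentioning svchost.exe</script>'
        "</body></html>"
    )
    uri = "data:text/html;base64," + base64.b64encode(inner.encode()).decode()
    return (
        '<html><body><img src="data:image/png;base64,iVBORw0KGgo=">'
        '<a href="' + uri + '">View protected PDF</a></body></html>'
    )


if __name__ == "__main__":
    for finding in inspect_page(build_sample_page()):
        print(finding)
```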

Protecting Yourself

To start the discussion of protection, we must first speak of user habits. You are the first line of defense against attacks. Often called the human firewall, users must consider the security implications of their actions and act accordingly when interacting with information technology and the net.

Security conscious decisions include:

  • Never opening attachments from unsolicited communication, like email, chat, etc.
  • Only visiting known, reputable websites
  • Using strong, non-dictionary passwords
  • Never reusing those passwords
  • Using a password manager like LastPass, KeePass, etc.
  • Using two-factor authentication wherever possible

Adopting these security conscious habits improves security effectiveness and, with technology, rounds out a robust security posture. Secure technological habits include:

  • Keeping your operating system and third-party programs up to date with the latest versions and patches
  • Using antivirus with up-to-date definitions
  • Using a malware scanner like Malwarebytes

Both phishing attacks used the compromised websites of legitimate organizations to distribute malware. SiteLock web security products keep your website secure and keep it from becoming one of the compromised. Products like the TrueShield web application firewall and the SiteLock INFINITY Scanner provide 360 degree coverage for your site’s security, 24/7, 365.

This Week in Exploits: The Ups and Downs of Malware Payloads

We’re kicking off a new blog series here at SiteLock to share some of the insight we gather every day with folks interested in learning more about the web application security landscape. In this space, we’ll cover various topics each week – everything from CMS security to malware, to vulnerabilities and best practices.

One of the interesting things about tracking malware campaigns is to observe their changing behavior as the campaigns shift to different targets, employ new tactics to evade detection, and propagate new malware, based on the changing economics of the campaigns. Below is an example we have seen take shape and evolve over the past few weeks that should give readers an example of how these changes occur and what is going on behind the scenes of a large-scale malware attack campaign.

We recently watched the rise of Neutrino campaign payloads here at SiteLock. Our Malware Scanner found the payload across multiple CMS platforms – WordPress, Joomla, Drupal – and multiple versions of said platforms. The payloads were inserted into cache files, a clever place to hide payloads. The injecting malware was caching system agnostic, targeting W3 Total Cache, WP Super Cache, and Falcon Cache on WordPress for example.

The payload ultimately takes the form of a hidden div which includes an iframe to a malicious domain. JavaScript was used to set a cookie which was used by the malware to track visitors and only serve the payload to first time visitors (using Internet Explorer for example).

Figure 1: Example Neutrino Payload

The malicious domains changed rapidly and expired quickly. Commonly seen domains included:

Again using WordPress as an example, we watched the payload propagate across WordPress installs with various and multiple vulnerabilities – outdated WordPress installs, Revslider, and Gravity Forms to name a few. WordPress infections dominated due to the dominant install base, and the attacks likely originated from an exploit suite designed to attack multiple vulnerabilities through different CMSs and plugins.
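
A site owner can look for this kind of payload by parsing cached pages and reporting any iframe that sits inside a hidden div and points at a host other than the site itself. The following is an added example, not SiteLock's scanner: the hiding heuristics (display:none, visibility:hidden, large negative offsets, the hidden attribute), the file extensions and the sample pages are assumptions constructed for illustration, since the original figure is not reproduced here.

```python
import os
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed ways of hiding a div; the campaign's exact styling is not on the page.
HIDDEN_STYLE_RE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|(?:left|top)\s*:\s*-\d{3,}px", re.I
)


class HiddenIframeFinder(HTMLParser):
    """Collect (line, host) for off-site iframes nested in a hidden <div>."""

    def __init__(self, site_host):
        super().__init__(convert_charrefs=True)
        self.site_host = site_host.lower()
        self.div_stack = []  # one bool per open <div>: is that div hidden?
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "div":
            hidden = bool(HIDDEN_STYLE_RE.search(a.get("style", ""))) or "hidden" in a
            self.div_stack.append(hidden)
        elif tag == "iframe" and any(self.div_stack):
            host = (urlparse(a.get("src", "")).hostname or "").lower()
            off_site = host and host != self.site_host \
                and not host.endswith("." + self.site_host)
            if off_site:
                self.findings.append((self.getpos()[0], host))

    def handle_endtag(self, tag):
        if tag == "div" and self.div_stack:
            self.div_stack.pop()


def scan_html(text, site_host):
    finder = HiddenIframeFinder(site_host)
    finder.feed(text)
    finder.close()
    return finder.findings


def scan_tree(root, site_host, exts=(".html", ".htm", ".php")):
    """Walk a cache directory and return {path: findings} for infected files."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if not fname.lower().endswith(exts):
                continue
            path = os.path.join(dirpath, fname)
            with open(path, encoding="utf-8", errors="replace") as fh:
                hits = scan_html(fh.read(), site_host)
            if hits:
                results[path] = hits
    return results


# Constructed samples: a cached page with an injected block, and a clean page
# that legitimately uses a hidden div and a visible third-party iframe.
INFECTED_SAMPLE = (
    "<html><body><p>Cached page</p>\n"
    '<div style="position:absolute;left:-3000px;top:-3000px">'
    '<iframe src="http://injected.example/stream?1" width="1" height="1"></iframe>'
    "</div>\n</body></html>"
)
CLEAN_SAMPLE = (
    '<html><body><div style="display:none" id="modal">'
    '<iframe src="/embed/help"></iframe></div>'
    '<iframe src="https://video.example/embed/x"></iframe></body></html>'
)

if __name__ == "__main__":
    print(scan_html(INFECTED_SAMPLE, "shop.example"))
    print(scan_html(CLEAN_SAMPLE, "shop.example"))
```

Point scan_tree at the directory your caching plugin writes to; a hit means the cache should be purged and the injecting file located, since clearing the cache alone does not remove the code that wrote the payload.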

As is common with malware (and fighting malware), Neutrino payload numbers died off, and in its stead we saw the rise of a new preferred malicious payload, VisitorTracker.

VisitorTracker was a PHP or JavaScript payload injected into JavaScript and PHP files. It created a script tag that included PHP source based on a mobile or Internet Explorer user agent. The included PHP source stemmed from previously compromised domains. Here’s a JavaScript example of VisitorTracker. The PHP version was the same code base64 encoded.

Figure 2: Example VisitorTracker Payload

VisitorTracker went as fast as it came, likely due to its hiding-in-plain-sight tactic. It left a large footprint in JS files and was easy to spot and clean, especially for SiteLock’s dedicated engineering, research, and Security Concierge teams.

The rolling landscape of malware is a constant challenge. SiteLock tracks and mitigates malware in its many forms 24/7 and we’ll share our, ahem, exploits here weekly.

Cybersecurity Report: August 11, 2015

FBI Understaffed to Ward off Cybersecurity Attacks, Report Says

Last week, the U.S. Department of Justice released a report that revealed some weaknesses in Next Gen Cyber, the Federal Bureau of Investigation’s cybersecurity program begun in 2012. Next Gen Cyber originally had a budget of $314 million and a total of 1,333 full-time jobs (including 756 agents), while the DOJ also asked for an $86.6 million increase in funding for 2014 to support this Initiative. The FBI had in total 52 open positions of the 134 computer scientists it was authorized to employ under the Initiative. However, it is getting a lukewarm reception from private companies and individuals who have privacy concerns. Besides, lower salaries as compared to the private sector and stringent rules about past drug use were other main problems faced by FBI hiring.

FDA Warns of Cybersecurity Vulnerabilities of Hospira Infusion System

The U.S. Food and Drug Administration and pharmaceutical company Hospira announced last week that they were aware of cybersecurity vulnerabilities associated with the company’s Symbiq Infusion System. These devices are usually used in hospitals and nursing homes to allow for continuous delivery of general infusion. Hospira insisted in a statement that there had been no known breaches of their devices. However, the company was still working to provide its Symbiq customers with another layer of security for the devices. The FDA also mentioned that the devices were no longer being manufactured or distributed, recommending that healthcare facilities transition to other infusion systems as soon as possible.

Cybersecurity Bill Could ‘Sweep Away’ Internet Users’ Privacy, Agency Warns

Last Monday, the Department of Homeland Security (DHS) claimed that the controversial new surveillance bill, the Cybersecurity Information Sharing Act (CISA), could sweep away important privacy protections. CISA encourages private companies to share their sensitive corporate data with the government to prevent future cyber attacks and fortify national cybersecurity. However, this may raise serious privacy issues within the private sector. Privacy concerns have long been significant in the private sector, where the use of personal data at scale is largely unregulated. Data brokers like Experian are anxious about losing the ability to aggregate vast quantities of personal data and have been lobbying against the bill, calling it “the Darth Vader bill.”

J.P. Morgan to Accelerate Timeline for Cybersecurity Spending Boost

J.P. Morgan Chase & Co. expected to increase spending on cybersecurity in the upcoming years, accelerating its initial timeline of the spending growth in information security. According to a quarterly regulatory filing from the bank, its annual cybersecurity budget is expected to double this year, which would bring this year’s spending figure to about $500 million, marking a huge leap from $250 million in 2014. J.P. Morgan also expected its cybersecurity spending to remain at around $500 million in 2016 and will probably also remain the same or see an increase in the next four years. The bank is also working on strengthening its partnerships with government, law enforcement agencies and third-party service providers.

China to Embed Internet Police in Tech Firms

The Chinese government plans to embed cybersecurity police units at major Internet companies and websites to help prevent crimes such as fraud and spreading of rumors. China’s Ministry of Public Security didn’t reveal the names of the companies that will have the new police units, but it is likely that the three e-commerce giants, Alibaba Group, Tencent and Baidu, will be on the list. It isn’t clear yet whether the cyberpolice units would apply to international, as well as domestic, tech companies operating in China. These physical police units at Web firms are part of Beijing’s broader efforts to exert greater control over China’s Internet.


Cybersecurity Report: August 4, 2015

Fiat Chrysler to Recall 1.4 Million Vehicles in U.S. to Prevent Hacking

FCA US LLC, formerly Chrysler Group LLC, announced on Friday that Fiat Chrysler will recall 1.4 million vehicles in the US to install software to prevent hackers from gaining remote control of the engine, steering and other systems. According to federal officials, this is the first such action of its kind. This announcement was made several days after cybersecurity researchers succeeded in using a wireless connection to turn off a Jeep Cherokee’s engine as it drove. The National Highway Traffic Safety Administration also said on Friday that it would investigate whether FCA’s solution to upgrade software was enough to protect consumers from hackers.

It Looks Like the US Government Just Got Hacked Again – and This Time Anonymous is Claiming Responsibility

Last Wednesday, a group of hackers, who claimed to be a part of Anonymous, said that it had successfully hacked the US Census Bureau, compromising over 4,200 workers’ data in the process. The data alleged to be stolen includes the usernames, work email addresses and office phone numbers of the government department’s staff. The hackers claimed that the purpose behind this cyber attack is to protest the Transatlantic Trade and Investment Partnership (TTIP) and Trans-Pacific Partnership (TPP) trade negotiations. These trade negotiations were originally designed to improve trade relations and lower barriers between participating nations. However, they have also led to concerns within Europe that free, state-run health services could be privatised.

United Airlines Pays Out ‘Bug Bounties’ to Clean Up Security Gaps

United Airlines has paid out “bug bounties” to cybersecurity experts who found and exposed weaknesses in the airline’s website. The “bug bounties” program was originally announced in May, only a few weeks before the several recent technical glitches that grounded flights for nearly one and a half hours. According to United officials, the Chicago-based carrier borrowed the “bug bounty” idea from technology companies in Silicon Valley, which offer rewards to anyone able to identify cybersecurity gaps. United would give 1 million reward miles to whoever could find a loophole that allowed hackers to execute computer code on the United website from a remote server. This reward is equal to about three first-class round-trip tickets from the US to Europe.

Planned Parenthood Confirms Attack from Anti-Abortion Hackers

Planned Parenthood confirmed on Monday that anti-abortion hackers had tried to compromise the information systems of the organization, potentially exposing sensitive data of their employees. A hacker called “E” claimed partial responsibility for the attack, saying that the hackers had pilfered internal files, emails and worker information. These hackers were also threatening to decrypt and unveil the organization’s internal emails next. According to the hackers, the attack was mainly aimed at “seeking to reclaim some sort of lulz for the years and thousands of dollars that Planned Parenthood have wasted and made harvesting your babies,” which could be regarded as support of the recent appeal to strip Planned Parenthood of its federal funding.

Controversial Cybersecurity Bill Called CISA Likely Delayed Until Fall

The Cybersecurity Information Sharing Act, or CISA, a bill that encourages private companies to share data with the federal government, is expected to be delayed until this September. The bill’s co-author, Sen. Dianne Feinstein, California Democrat, argued that CISA could “incentivize the sharing of cybersecurity threat information between the private sector and the government and among private sector entities.” However, this bill is strongly opposed by privacy advocates. Earlier this week, digital rights groups including the American Civil Liberties Union and the Electronic Frontier Foundation opened a website containing details on the cyber bill and a free service in which visitors could have their concerns automatically routed to the fax machines in all 100 US senators’ offices. As of Wednesday morning, more than a quarter-million faxes had already been sent. It was said that the grassroots effort might be the major reason for Capitol Hill to postpone the bill.


It’s Never All About That Base: Three Non-Firewall Add-ons You Should Have For Website Security


Viruses used to be the only cyber security issue that companies worried about. With cyber threats increasing in variety, protecting your website is no longer about installing a basic firewall. You also need to consider all the right add-ons in all the right places to develop a multi-layered security plan.

To help you start your own deployment, below are three non-firewall add-ons that you should have in order to develop a comprehensive website security plan.

  1.      DDoS Attack Protection

Will your customers blame their slow internet connection when they have to wait 10 seconds for a page to load on your website? They might, but chances are they’ll also blame you. Long loading times are one of the major issues that turn customers away from a website. Recent research by Kissmetrics revealed that even a one second page delay could potentially cost businesses $2.5 million in sales each year. Simply upgrading your server may not be enough – instead, a slow website may be the result of a DDoS attack, which is executed by having multiple computers on multiple networks sending large amounts of requests to your website simultaneously, in an attempt to crash it.

Although DDoS attacks are hard to prevent, there are still solutions to mitigate the threat. One effective tool is the SiteLock TrueShield™ Web Application Firewall. It offers the most comprehensive DDoS protection solution in the industry. This tool can target vital components of comprehensive DDoS attacks by providing application level, infrastructure and DNS protection, adding multiple security layers to your online business.

  2.      CDN Deployment

A DDoS solution will protect you from malicious attacks, but what about the large traffic that comes from actual legitimate users? Unexpected large traffic, no matter where it comes from, can compromise your website and leave it vulnerable to attacks, which may cost you millions in lost revenue.

One thing you can do to improve the speed of your website under peak traffic is to deploy a Content Delivery Network that can deliver cached web content to users based on their locations, through a network of servers located globally. To help you with your own deployment, SiteLock offers the TrueSpeed CDN. It dynamically caches content every five minutes and is effective in increasing website speed by an average of 50% to maximize its performance.

  3.      Website Scanner

Now that you have your external security layers for speed optimization and protection ready, you should start monitoring your website 24/7 and make sure that all customer activities happening there are also secure. One of the most effective and efficient ways to achieve this goal is by employing a website scanner that runs in the background and can immediately identify and remove malware and vulnerabilities. A good website scanner can also ensure network security by monitoring FTP and file exchange, protecting your database from SQL injections, and checking ports on your server to make sure only appropriate visitors gain access to your website.

If you are expecting a comprehensive website scanner that integrates both detection and removal functionality, SiteLock INFINITY will be a good choice. It provides well-designed and continuous scanning, including 24/7 monitoring, automatic detection and automatic removal. It will help mitigate cyber attacks, and more importantly, protect your customers’ valuable data 24/7.

Viruses are no longer the only cybersecurity issue that companies worry about. The recent Kaspersky Lab cyber attack, the major OPM data breach and the government’s new policies on fortifying cyber security protocol in the workplace all push the corporate IT team to develop a more comprehensive security plan to protect proprietary data from threats coming both from the inside and the outside. It’s time to have something beyond the base, for this is the best way to counter increasingly rampant cyber attacks in this dangerous cyberspace.

Cybersecurity Report: July 28, 2015

UCLA Health Hacked, 4.5 Million Victims

Last week, hackers broke into UCLA Health, the hospital network of the University of California, Los Angeles, acquiring access to a database with sensitive records of 4.5 million people and potentially affecting four hospitals and 150 offices across Southern California. According to the university, the potentially breached information included names, medical information, SSN, Medicare numbers, health plan IDs, birthdays and physical addresses. The network made this announcement two months after the data breach was discovered. The hospital group is now offering affected staff and patients one year of identity theft recovery services.

National Security Agency Teaches Students Ethical Hacking, Cybersecurity

The National Security Agency is offering middle- and high school students in the United States the opportunity to learn to crack secured passwords. The agency supports dozens of free summer camps nationwide, named GenCyber summer camp, teaching young students entry-level knowledge of responsible hacking, cracking and cyberspace defense. According to a report from The New York Times, over 1,400 young students chose to join the dozens of free NSA-supported overnight and day camps nationwide. The goal of the camp is to lure potential recruits and trigger interest in the field of cybersecurity. NSA officials stated that developing the future cyberspace workforce is a national security concern.

Israel and U.S. Issue Joint Statement on Cybersecurity Coordination

Last week, Alejandro Mayorkas, the U.S. Deputy Secretary of Homeland Security, traveled to Israel to meet with Israeli Minister of Public Security Gilad Erdan and representatives from other departments to discuss the cybersecurity challenges facing both countries. They specifically discussed opportunities for joint investment in cybersecurity and signed a joint statement confirming their commitment to promoting cooperation and information sharing on cybersecurity and cyber research and development.

Cybersecurity Intern Accused in Huge Hacking Bust

Last Wednesday, the U.S. Justice Department announced a massive international bust of Darkode, an online black market for hackers. Morgan Culbertson, a 20-year-old sophomore at Carnegie Mellon University from Pittsburgh, was accused of creating malware that infects Android phones, steals data and controls the device. According to federal investigators, Culbertson was the creator of the infamous “Dendroid” malware, which allowed anyone who paid the $300 fee to turn any legitimate Android app into malware and allowed hackers to remotely take screenshots, photos, videos and audio recordings.

Canadian Government Assigns $142M to National Cybersecurity Program

According to Steven Blaney, Public Safety Minister of Canada, the Canadian Federal Government has allocated over $142 million in new funding for national cybersecurity programs. The money will be added to the previously budgeted funds for use against data breaches, website hacks, and online fraud targeting non-federal government systems deemed essential. This government release refers to the economic cost of cybercrime, which includes $29 million from only fraud in 2013. The funds also increase the total cybersecurity investment by the Canadian government by $142.6 million from $94.4 million to $237 million over the next five years.

Cybersecurity Report: July 21, 2015

OPM Director Katherine Archuleta Steps Down

Office of Personnel Management Director Katherine Archuleta resigned last Friday, a day after revealing that the recent data breach of employee information was much larger than originally thought and had probably affected 22.1 million current, former and prospective US government employees and their family members. Archuleta’s departure has been confirmed in an email she sent to OPM staff. Beth Cobert, previously the U.S. chief performance officer and a deputy director at OPM, has taken over as the acting director of OPM since last Saturday.

Army National Guard Struck by Data Breach

Last Friday, officials of the Army National Guard alerted its current and former members that a data breach might have exposed private information of members since 2004 because files containing personal information were inadvertently transferred to a non-DoD-accredited data center by a contract employee. The breach may have leaked members’ names, full Social Security addresses, dates of birth and home addresses. According to the National Guard, there was little evidence that the incident was related to cybercrime. The National Guard Bureau has set up a website and a call center for members who are worried about their information following the breach.

The Latest Security Law Illustrates The Chinese Government’s Love-Hate Relationship with The Internet

Last week, the Chinese government published the latest People’s Republic of China Cybersecurity Law, which directs a number of decrees at entities providing “critical information infrastructure.” The term is likely to refer to any technology company that is of a certain scale and holds a certain amount of user data, such as big tech companies like Apple, Baidu and Huawei. Many of the provisions in the law, which has yet to be formally passed, require tech companies to provide basic protections for users, such as not selling user data to third parties without permission. Other sections reflect the government’s focus on tightening policies for China’s internet companies. These policies include measures that allow the state to cut off the internet to “protect national security,” and measures that require users to use their real names to register for certain services.

Boston to Beef Up Cybersecurity Measures

Boston is now developing a next-generation firewall to protect the Hub from cyberattacks, which is a part of an effort to spend $3.5 million through 2020 to beef up cybersecurity in the coming years. The new firewall will add to the city’s existing cybersecurity tools and is expected to be fully operational by the end of the year. The rest of the money will be partially used to improve the network’s ability to continue operating in the event of an outage or a glitch. Although Boston hasn’t had any breaches it is aware of, there are third parties constantly scanning the city’s networks looking for vulnerabilities. The city’s million-dollar plan aims at protecting Boston from cyber attacks of all sizes coming from any place.

Facebook Program Inspires Young Girls to Try Cybersecurity Careers

Partnering with San Jose State University’s Jay Pinson STEM Education program and CyberGirlz, Facebook created an after-school program and specialized camps to provide underserved female students with support, encouragement and a baseline understanding of security principles, hoping to inspire more girls to pursue a career in the cybersecurity sphere before they get into high school. Each of the 38 girls who participated in the camp received free blue Facebook HP computers to make sure that they were able to continue their coding work after the camp. Alex Stamos, Facebook’s Chief Security Officer, shared with the participants how the cybersecurity area is hoping to welcome more female professionals and encouraged students to participate in bug bounty programs to get practice. Members from the Girls Who Code group also participated in the camp.

Cybersecurity Report: July 15, 2015

Hacktivist Group AnonOpsIndia Hacks BSNL Website, Days After Hacking Nation’s PAN Database

As a protest against the Indian government’s recent push on net neutrality and Digital India, AnonOpsIndia, a hacktivist group, compromised BSNL (Bharat Sanchar Nigam Limited) Telecommunications’ websites on Friday. Prior to the BSNL hack, AnonOpsIndia, usually referred to as “Anonymous India,” had already compromised the nation’s PAN database and a coal-sector website last week. In the BSNL attack, the group replicated the entire database of the organization, which had sensitive information of over 30 million users. The group described the main purpose of the attack as below, “When the government stops listening to the people, it’s time to wake them up. There will be no #DigitalIndia until and unless government of India stops their surveillance projects & make their systems secure.”

Mastercard Testing Facial Recognition Security App

Mastercard is testing a smartphone app that uses facial recognition to verify online purchases. Users can hold their phones up to face level to approve transactions. This is not the first time facial recognition has been used in verification of online purchases. When Google first tried this technique on Android phones, problems quickly surfaced. For example, people could simply take a photo of somebody else and present it to the camera to unlock the phone. Although Mastercard’s app requires users to blink to prove that they are human, people could still spoof this by animating photographs. Until now, Mastercard’s facial recognition trial has involved 500 users in the U.S. Security experts think that the facial recognition technique should be an extra layer of security, such as a companion to a PIN, instead of the only security guard of online transactions.

WikiLeaks: US Spy Agency Targeted Top Brazilian Officials

WikiLeaks, the whistleblowing website, published a National Security Agency list of 29 Brazilian government phone numbers that the American spy group monitored. Aside from the list of numbers, which included the number of Brazilian President Dilma Rousseff, the NSA was also found to have been targeting top political and financial officials. According to The Intercept, the publication that first reported the WikiLeaks data, the surveillance was alleged to have started no later than 2011 and there was no indication that the eavesdropping had stopped. This latest WikiLeaks disclosure followed the website’s recent releases about U.S. surveillance of German and French government officials.

Cyber Attack on Edinburgh City Council

It was recently disclosed that the database of Edinburgh City Council was compromised in a malicious cyber attack that happened at the end of June. More than 13,000 email addresses were stolen. The council assured those affected that no other personal data were accessed, but there would be a potential increase in spam or phishing emails. The incident was reported to both the Information Commissioner and the UK Government’s Computer Emergency Response Team. According to a council spokesman, preventative measures have been taken by the web service providers to make sure that the risks associated with attacks are carefully dealt with.

Outages at NYSE, United Airlines, Expose Digital Vulnerabilities

On Wednesday morning, the New York Stock Exchange suddenly halted all trading due to unexplained technical problems, United Airlines grounded all 4,900 worldwide flights, and the returned a 504 error indicating some systematic error on the news organization’s servers. Operations at, United and NYSE were all back to normal in a couple of hours. Neither officials from these three organizations nor White House Press Secretary Josh Earnest claimed that the outage was part of a cyber attack. NYSE officials have been working with the Department of Homeland Security, the Securities and Exchange Commission and the Treasury Department to resolve the situation.


How VPS Hosting Can Help Secure Your Website

Hosting your website on a Virtual Private Server (VPS) can be a great way to improve your website’s security when compared to shared hosting. Why?

Think of shared hosting as sharing an apartment – it’s economical, but roommates can often bring on unnecessary trouble. If a thief steals some of your roommate’s belongings, chances are they’ll steal yours as well. Similarly, if a hacker injects website malware into another website on the same server as yours, it can affect your website as well.

With a VPS, your website has its own partitioned space, operating system and (usually) unique IP address, isolating it from cyber attacks. A VPS also provides access to the console, something that shared hosting usually doesn’t allow, which can be helpful when removing malware.

Neill Feather, President of SiteLock, has written a blog post explaining more security benefits of a VPS and website firewall on IT Toolbox – you can read it by clicking here.
