The SiteLock Research team has become aware of sites infected with fake WordPress plugins that provide cybercriminals with backdoor access and allow them to inject malicious content onto web pages. Below is a high-level overview of the plugins and malware being detected by our scanners and analyzed by SiteLock Research analysts. We also cover effective tips to help protect your site.
Category: Cyber Attacks (Page 1 of 8)
Imagine if one in every 15 websites you visited was secretly taken over by cybercriminals trying to steal your credit card information or other personal data. Now imagine if that website was your website, and you had no idea it was harming your visitors. This is the reality for many website owners, and now more than ever, they need to be on alert for cyberattacks in 2018.
In Q3 2017, SiteLock discovered alarming cybercrime trends that will likely affect websites for months to come. The most worrying trend for website owners: cybercriminals are increasingly using malware, or software that is used for malicious purposes, to take advantage of website visitors. In fact, nearly 15 percent of malware attacks targeted website visitors with the goal of exploiting them for sensitive data, website traffic, and other assets or resources. That’s not all: cybercriminals attempted to compromise more websites in Q3 2017 than in the previous quarter, increasing their attempted attacks by 16 percent.
Internet-connected devices can make our lives easier, from home assistants like Amazon Echo, to interactive toys like CloudPets. However, they’re also inherently insecure and easily hacked, a factor many overlook in favor of convenience. In our latest Decoding Security podcast, Website Security Research Analysts Jessica Ortega and Michael Veenstra discuss the risks of using internet-connected devices in our everyday lives, and the costs of security versus convenience.
We all know someone who’s been in a difficult position following a security breach. They are rushing to assess the damage, while simultaneously repairing website functionality to limit the compromise. It’s a stressful situation, especially if you’ve had to deal with a compromise more than once. Unfortunately for some website owners this is a reality — shortly after the initial security breach, the website becomes compromised again. It leaves the website owner asking why their website is being targeted and how the website re-infection is happening.
The short answer is that it’s most likely due to unresolved website vulnerabilities. While it may seem like you’ve been singled out and targeted by some menacing hackers, most of the time that isn’t the case. The majority of website compromises are preceded by automated campaigns that locate websites vulnerable to a particular exploit the hacker wishes to employ. The bottom line is, you aren’t the target that the hacker is singling out, it’s the software on your website. There are a couple main culprits for this scenario.
Websites experience 22 attacks per day on average— that’s over 8,000 attacks per year, according to SiteLock data. A website vulnerability is a weakness or misconfiguration in a website or web application code that allows an attacker to gain some level of control of the site, and possibly the hosting server. Most vulnerabilities are exploited through automated means, such as vulnerability scanners and botnets. Cybercriminals create specialized tools that scour the internet for certain platforms, like WordPress or Joomla, looking for common and publicized vulnerabilities. Once found, these vulnerabilities are then exploited to steal data, distribute malicious content, or inject defacement and spam content into the vulnerable site.
Merry Christmas from SiteLock! In the spirit of the season, we’ve created a satirical rendition of the 12 Days of Christmas to educate website owners about online risks. Watch the video to learn about some of the most common “gifts” cybercriminals are giving away this year.
Retail therapy is the act of shopping with the primary purpose to improve the buyer’s mood. This form of “therapy” is practiced among many consumers, with more than half of Americans admitting to making a purchase as a way to lift their spirits. As therapeutic as shopping can be, it also raises fear among many consumers – especially around the holiday season. With websites, including eCommerce sites, experiencing 22 cyberattacks per day on average, shoppers have good reason to be concerned.
With the holidays quickly approaching and online shopping expected to hit record highs, it’s the perfect time to make sure your customers, and your bottom line, aren’t at risk. In fact, shipping experts like FedEx, are predicting another record-breaking year of shipments driven by eCommerce purchases.
With the push for holiday shopping about to begin, we conducted a survey to take a closer look at trends in online shopping and how that relates to what we’re passionate about: website security.
Festive decorations adorn storefronts and holiday music fills every shop; a reminder that the holiday season is upon us. It is a busy time of the year, full of parties, reunions with family and friends and plenty of shopping.
According to the National Retail Federation, 2016’s holiday sales are expected to increase 3.6 percent over last year to 655.8 billion dollars. Shoppers are estimated to spend an average of $935.58 on gifts, food, décor, cards, and personal purchases.
That means a lot of time spent in stores and online looking for just the right gift, decoration, or meal for the season. It is also a prime time for a crime, especially if you’re shopping online.
National Cybersecurity Awareness Month (NCSAM) is observed every October to raise awareness around the importance of cybersecurity. As we head into a new month, we remain focused on promoting the importance of practicing vigilance about cybersecurity year-round.
At SiteLock, our mission is to help create a secure Internet for all users. Regardless of industry, age or education, cybersecurity concerns us all. Cyberattacks can impact individuals as young as children, and organizations as large as Yahoo. Learn from the examples we provide in this blog as SiteLock President, Neill Feather, weighs in on why cybersecurity should matter to you.