Category: Cybersecurity News (Page 1 of 6)

SiteLock Website Security Insider

Introducing the SiteLock Website Security Insider

SiteLock is excited to announce the publication of its first quarterly website security report, The SiteLock Website Security Insider Q2 2017!

The SiteLock Website Security Insider Q2 2017 includes analysis and trends based on proprietary data from over 6 million websites. The report delivers exclusive insight into the most common threats website owners faced in Q2 2017, including:

  • Malware Trends – Spam accounted for over 62% of total malware files on hacked websites in Q2 2017. This section explores malware breach incidents to determine the reach and severity of individual malware types and families.
  • Content Management Systems Risks – In Q2, 69% of infected WordPress websites were running the latest security patches for WordPress core at the time of compromise. We explore the increasing infection rates for various popular content management systems (CMS) in this section.
  • Plugin Risks – We found that WordPress websites with 20+ plugins are 3.6 times more likely to be compromised than the average website. Learn how the number of plugins can broaden a website’s attack surface and risk of compromise.
  • Website Attacks – Websites experienced 63 attacks per day, per website on average in Q2 – an upsurge from 22 attacks per day in 2016. This section discusses the common trends and prevalence of attack vectors.
  • Common Vulnerabilities – Websites with cross-site scripting (XSS) vulnerabilities averaged 74 vulnerable URLS each in Q2. Learn the prevalence of the top vulnerabilities websites faced in Q2 2017 and why they are so attractive for adversaries to exploit.
  • Social Media Risks – Websites linking to Twitter are 2.7x more likely to be compromised than the average website. As Twitter follower count increases, so does the risk. This section explores how social media can contribute to a website’s likelihood of compromise.

Research from this report will help website owners around the world prepare and respond to today’s ever-evolving cybersecurity threats. This report also presents security best practices that all website owners can leverage and easily implement into their current website strategy.

Click here to download your copy of the The SiteLock Website Security Insider Q2 2017!

Malware

Apache Struts Vulnerability Found and Patched

A vulnerability was recently discovered in Apache Struts, a popular framework for web-based Java applications, which allows for remote code execution on affected servers and allows for complete control of the application. The framework is commonly used by large, sophisticated organizations such as Lockheed Martin and Citigroup, meaning the vulnerability could affect up to 65% of Fortune 100 companies, resulting in large scale data breaches and private consumer data theft.

Found by lgtm.com security researcher Man Yue Mo, the vulnerability stems from unsafe deserialization of user supplied data to the REST plugin, which allows API access to the Java application. Researchers contacted the Apache Foundation directly, allowing the plugin developers to patch the issue before widespread exploitation. As of this writing, at least one live exploit has been seen in the wild, and a Metasploit module was released.

Apache Struts joins a growing fraternity of widely used applications to see an API vulnerability this year, including WordPress and Instagram. WordPress shared a similar experience where the exploit was discovered before widespread attacks, but many users failed to update and suffered compromise and data loss. The Struts vulnerability is more complicated to exploit which should result in a less dramatic rise in attacks. Regardless, patches should be applied as soon as possible, as a proactive security stance is more effective.

Apache Struts users are urged to upgrade to version 2.3.34 or 2.5.13 respectively, and additional information is provided by Apache on the official struts webpage at: https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.3.34 and   https://struts.apache.org/announce.html#a20170905.

More sophisticated exploits are likely to occur as this vulnerability is examined. The best option for mitigation is to patch Struts as soon as possible to the recommended versions and regularly check for updates. Website owners should also consider adding a web application firewall and malware scanner to mitigate or reduce the severity of compromise.

SiteLock TrueShield customers are already protected against this exploit. Attempted attacks will be caught and blocked by the TrueShield WAF. If your website isn’t protected, call SiteLock at 888.878.2417 to get TrueShield installed today.

rnc data breach web security best practices

The RNC Data Breach: Pitfalls of Neglecting Web Security Best Practices

In a recent security report, researchers revealed an unsecured archive of US voter data collected by Deep Root Analytics, a data firm connected to the Republican National Convention (RNC). The exposed data — which included full names, addresses, and phone numbers of 198 million registered voters — was uncovered by a security researcher in an internet-accessible database with no password protection or any other security measures. The database has been secured at the time of this writing, but it remains unclear how long this data was exposed to the internet.

It may be easy to assume exposures of this nature are an inevitability. After all, a data analytics firm associated with a major political party sounds like a clear target for bad actors. However, the data was discovered by a researcher performing unrelated searches through Amazon’s S3 infrastructure for any unprotected data, not targeted attacks against Deep Root Analytics or even voter data in particular. This fact underscores a critical necessity of the Internet: prioritize the security of your data at all stages of its life cycle. Your data needs to be secure where it’s stored, during network transit, and when it’s in the hands of third parties. This data leak in particular was the result of the RNC failing to properly ensure the security of their data in the hands of a third party contractor.

Read More

ftc protecting small businesses

New Government Website Highlights Small Business Cybersecurity Risks

The US Federal Trade Commission (FTC) recently launched a new website aimed at educating small business owners on the risks of cybercrime and the steps they can take to protect their business.

“Small businesses are critical to our economic strength, building America’s future, and helping the United States compete in today’s global marketplace,” said FTC Acting Chairman Maureen Ohlhausen. “This innovative new website is a one-stop shop where small businesses can find information to protect themselves from scammers and hackers, as well as resources they can use if they are hit with a cyberattack.”

Read More

Malware

Trending “Fireball” Adware Raises Botnet Concerns

Earlier this week, security researchers reported on a trending adware infection known as Fireball. Sourced to the Chinese marketing firm Rafotech, reports indicate a footprint of more than 250 million infected machines worldwide. While the infection currently appears to only make changes to victims’ browser homepages and search engines, analysis suggests that the software could be remotely leveraged to act as a malware dropper. A malware dropper is a program that can be used to remotely install malicious software onto a victim’s computer or network. This can be performed after any amount of time following the installation of the dropper itself.

If true, it’s possible that infected systems could be made part of a botnet and used to carry out new types of attack over the Internet.

The Fireball adware is being distributed via freeware software installers through a method known as bundling. You’re likely to have seen bundling yourself at some point. Legitimate software developers use bundling as a way to monetize the release of otherwise free software. When you download and install such a program to your computer, you may notice that you’re being asked to install additional, unrelated software, like toolbars or free trials of a different company’s programs. While annoying, most cases of bundling are simply a way for developers to make money while releasing a free product. However, this can also be used to deliver PUA (Potentially Unwanted Applications), like adware, software that can track your behavior online and serve advertisements based on this data.

Because of this, it’s important to remain mindful of the sources of programs you install. Cracked versions of paid products frequently include malicious files that can be used to infect your systems. For website owners, this also applies to pirated versions of software that you might want to install on your website, like premium WordPress plugins and themes. Even if the pirated files are free of malware, they do not typically receive security patches from the original developers, or they could be configured to download a malicious component at a later time. This can open your website to a myriad of vulnerabilities that can be exploited by attackers to cause further damage to your online reputation.

Another point to consider, in the wake of Fireball’s massive online footprint, is the potential for damage caused by a botnet of this size. Malicious tasks that would be practically impossible for a single machine to perform (bulk hash cracking, login bruteforcing, denial of service attacks, etc.) become trivial when an attacker can utilize a quarter billion machines simultaneously to accomplish their goals. The potential for mobilization on this scale means it’s as important as ever to ensure tight security on all of your systems.

Strong passwords are a good start. Changing passwords regularly is another important step, given the frequency of major data leaks across the internet. By changing your credentials, you render a previously leaked password useless.

Protecting your website from bot traffic is a critical step in preventing malicious activity on your site. SiteLock TrueShield, a web application firewall,  provides effective traffic filtering that can drastically limit the impact of these attacks. Contact a SiteLock Website Security Consultant at 855.378.6200 to find the right security package for your business. We are available 24/7/365 to help.

iot vulnerability

WikiLeaks: Many Internet Connected Devices Have Vulnerabilities

A series of internal CIA documents released Tuesday by WikiLeaks serve as a reminder that any computer, smartphone or other device connected to the internet is vulnerable to compromise.

The 8,761 documents detail a CIA hacking program with 5,000 registered users that produced more than a thousand hacking systems, Trojans, viruses, and other “weaponized” malware. The scale of the program was so massive that by 2016, its hackers had utilized more code than what is currently used to run Facebook.

Read More

pci compliance

PCI Compliance: The Key To eCommerce Customer Trust

Picture this. You just launched your first company website to sell your clothing line. Customers are purchasing products, and you’re starting to make a profit, then BAM! You get hit with a fine because your website is not PCI compliant. What’s next?

What Is PCI Compliance?

PCI Compliance is a security requirement created for online merchants by five of the major credit card companies, American Express, Discover Financial Services, JCB International, Mastercard and Visa, to protect customers and reduce fraud.

Read More

website security

Why Cybersecurity Matters

National Cybersecurity Awareness Month (NCSAM) is observed every October to raise awareness around the importance of cybersecurity. As we head into a new month, we remain focused on promoting the importance of practicing vigilance about cybersecurity year-round.

At SiteLock, our mission is to help create a secure Internet for all users. Regardless of industry, age or education, cybersecurity concerns us all. Cyberattacks can impact individuals as young as children, and organizations as large as Yahoo. Learn from the examples we provide in this blog as SiteLock President, Neill Feather, weighs in on why cybersecurity should matter to you.

Read More

technology risks

It’s a Scary Cyber World

We live in a world where technology rules. From our phones to our cars, we are constantly connected to something, somewhere, at all times. In most cases, the convenience of technology enhances the quality of our lives. But as consumers, there are technology risks and threats we need to be aware (and beware) of. We don’t mean to spook you, but let’s talk about the scary side of the cyber world. 

Read More

cybersecurity for web designers and developers

Web Development and Cybersecurity – Are You Protecting Your Clients?

Cybersecurity continues to be an evolving challenge for website designers and developers. Everyday, hackers create new malware strains and perform sophisticated attacks that can devastate client websites.

SiteLock is promoting Cybersecurity Awareness Month and as a web designer or developer, it is imperative that you understand your role in the security of your clients’ websites. Many people assume that you are handling every aspect of the site, including its protection. Because of this, you must take action and understand how to provide that security.

Read More

Page 1 of 6

Powered by WordPress & Theme by Anders Norén