The SiteLock Research team has become aware of sites infected with fake WordPress plugins that provide cybercriminals with backdoor access and allow them to inject malicious content onto web pages. Below is a high-level overview of the plugins and malware being detected by our scanners and analyzed by SiteLock Research analysts. We also cover effective tips to help protect your site.
Page 2 of 34
MarlowesMemphis.com is the online face of Marlowe’s Ribs and Restaurant in Memphis, TN. Established in 1974, Marlowe’s has become an institution in Memphis with a loyal base of local customers, national and international tourists that flock to Elvis Presley’s iconic mansion, Graceland, while stopping for a bite to eat on the way. In fact, Marlowe’s is one mile south of Elvis Presley’s estate, which welcomes more than 500,000 visitors each year. Marlowe’s uses its website to capitalize on these tourist visits by offering online ordering for take-out, delivery, drive-thru pick up window, or reserving their free pink limo shuttle to bring customers to the restaurant for their World Class Award Winning Memphis-Style BBQ.
Cybersecurity issues can occur anywhere, even in cardiac devices and pacemakers. The U.S. Food and Drug Administration (FDA) announced an upgrade to the firmware installed on certain vulnerable cardiac devices. The update protects these devices from unauthorized access that could be harmful to patients. Also making headlines last week, Georgia’s governor vetoed a bill that would have criminalized unauthorized computer access. The bill received blowback from the state’s booming cybersecurity industry for claiming vulnerabilities in important computer systems would not be uncovered and disclosed responsibly. As a result, cybercriminals would be able to exploit them with ease.
Since joining forces in July 2017, Patchman and SiteLock have shared the same vision of protecting every website on the internet. In November of 2017, that mission continued with the announcement of a partnership with the popular Content Management System (CMS) Joomla!. Now Patchman is proud to announce the next phase in that mission, by sponsoring a member of the Joomla! Security Strike Team (JSST). “The partnership with Patchman is very beneficial for the Joomla! security team, because it provides what our volunteer-based team needs the most: scheduled and continuous developer hours to triage new reports and develop patches,” says David Jardin, the JSST Team Lead.
As a publisher, editor, and fan of the bucking bull industry for over 20 years, Terry Lidral brought her passion for ranch and rodeo to life by creating www.buckingstocktalk.com. The online magazine is dedicated to keeping bucking stock enthusiasts informed with monthly updates on industry news.
Decoding Security is celebrating National Small Business week by sharing simple recommendations that small businesses can use to protect themselves from today’s ever evolving cyberthreats. But first, we take a look at what’s trending in the news. Two additional security updates were released by the Drupal security team last month as part of continuing maintenance efforts after the discovery of the initial Drupalgeddon2 vulnerability in March. Drupal is urging its users to implement these updates immediately to avoid possible compromise. Meanwhile, the RSA Security Conference took place in San Francisco last month, drawing thousands of attendees from across the globe. However, the third-party mobile app built for the mega IT security conference was found to have a vulnerability, which could have potentially leaked the first and last names of attendees.
In March, Drupal released version 8.5.1 addressing several critical security vulnerabilities. At that time, there was no evidence of the vulnerability being exploited to attack Drupal sites However, on April 12, 2018, a security research firm released a detailed analysis of the vulnerability and steps to exploit it. In the days since this release, multiple exploits of the Drupalgeddon2 vulnerability have been reported.
Continuing to deal with the fallout from the Cambridge Analytica data scandal, last week, Facebook founder and CEO Mark Zuckerberg, testified before U.S. Congress admitting he never audited Cambridge Analytica to ensure the Facebook user data collected had been deleted. Also in the news this week, Panera Bread experienced a data breach that exposed millions of customers’ personal data for as long as eight months. Despite being warned by multiple security researchers, Panera did not disclose or address the leak until last week.