Retail therapy is shopping with the primary purpose of improving the buyer’s mood. This form of “therapy” is practiced by many consumers: more than half of Americans admit to making a purchase as a way to lift their spirits. As therapeutic as shopping can be, it also raises fears among many consumers, especially around the holiday season. With websites, including eCommerce sites, experiencing 22 attacks per day on average, shoppers have good reason to be concerned.
Tag: Website Scanner
The term “security by obscurity” implies that the less popular and attention-grabbing your website is, the less likely it is to be targeted by cybercriminals. The truth is, there is no such thing as “too small to hack.” Read our infographic to learn more.
Websites experience 22 attacks per day on average. That’s more than 8,000 attacks per year, per website. You might assume the majority of these attacks are aimed at eCommerce sites because they accept and store credit card information, but actually, the eCommerce sector accounts for only one percent of compromised websites.
More often than not, when people think of a hacker, they picture someone breaking into a network and stealing huge amounts of the sensitive information stored behind it. In reality, hackers tend to use methods that take advantage of individual users, often combined with some form of social engineering.
The new school semester has begun and is off to a great start. Your students are engaged, prepared and full of spirit. Ready for their first test, they log in to their online student portal to access the exam. Just as the test is about to begin, the website crashes. Panic ensues among the students, who instantly turn to Twitter and email for help.
Here’s what happened: The school did not have proper website security in place and consequently was the target of a cyberattack that shut down its website. Higher education institutions are attractive and lucrative targets to cybercriminals. In 2015, the education sector was among the top three sectors breached, behind healthcare and retail. College campuses store a wealth of confidential student and faculty data, including medical records, financial information and intellectual property for products and prescription drugs. Some of the most common attacks cybercriminals use to breach higher education institutions are hacking, malware and DDoS attacks.
Can you tell the difference between the two ads below?
[Image: Advertisement A and Advertisement B, shown side by side]
They may appear to be identical, but actually, they are far from it. Advertisement A is a perfectly legitimate ad, while Advertisement B contains malware.
Advertisement B is an example of malvertising, or malicious advertising: a technique cybercriminals use to spread malware through online advertisements. As the example shows, malvertisements are deceptive, and the damage can go beyond your website by infecting your computer with malware.
Cybercriminals are unpredictable. They’ll surprise you by sneaking into your website, executing attacks and harming your data and business. You can think of it like a baseball game, in which the hacker is trying to make it to the next base without getting called out. Secure all your bases by learning a little about how hackers attack your website.
It is hard to keep track of all the websites that are compromised on a daily basis. Cybercriminals are constantly crawling the web for targets, and they’ll often go after websites you might not expect, such as a vegan cooking blog. So what does a hacker look for in a website? And why would they be tempted to attack your site? Here are some examples so you have an accurate picture of common website attacks.
Recently, a security researcher disclosed a zero-day stored XSS vulnerability in WordPress, meaning it was previously undisclosed and, at the time, unpatched. The vulnerability affected the latest versions of WordPress at the time of release, including 4.2.
The vulnerability involves how WordPress stores comments in its MySQL database. Comments are stored as text, and the size of that text is limited to 64 kilobytes, or 64,000 characters. Given a previously approved comment, an attacker could create a malformed comment using approved HTML tags and tack on 64 KB of any character (perl -e 'print "a" x 64000'). The 64 KB of junk is truncated, and what’s left is a malicious comment in the database that runs whenever it’s viewed. What runs is up to the attacker: creating backdoors, stealing credentials, malicious redirects and more.
If you run WordPress, here’s what you need to know.
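As an added example (not WordPress code and not part of the original post), the script below mimics the truncation the post describes: a sanitizer-approved link tag whose attribute is padded past the column limit is balanced as submitted, but ends in the middle of a tag once the database silently cuts it at the column size. It then shows the defender's alternative of refusing input the column cannot hold. The 65,535-byte column size and the rejecting store are assumptions about how a fix could look, not a description of the WordPress patch itself.

```python
# Added example, not WordPress or SiteLock code: why silent database truncation
# of an over-long comment matters, and the defender's alternative of rejecting it.

TEXT_COLUMN_MAX = 65535  # assumption: the comment column is a MySQL TEXT column of this size

def truncating_store(comment):
    """Mimic a database that silently cuts a value to fit the column."""
    return comment.encode("utf-8")[:TEXT_COLUMN_MAX].decode("utf-8", errors="ignore")

def rejecting_store(comment):
    """Hardened store: refuse what the column cannot hold instead of truncating."""
    if len(comment.encode("utf-8")) > TEXT_COLUMN_MAX:
        raise ValueError("comment exceeds column size; rejected instead of truncated")
    return comment

def is_accepted(comment):
    """True if the hardened store keeps the comment unchanged."""
    try:
        return rejecting_store(comment) == comment
    except ValueError:
        return False

def has_unterminated_tag(html):
    """True if the markup ends inside a tag: a '<' with no '>' after it.
    Markup that passed the sanitizer is balanced; truncation is what breaks it."""
    last_open = html.rfind("<")
    return last_open != -1 and html.find(">", last_open) == -1

def build_comment(padding):
    """Constructed, benign comment: an allowed <a> tag with a padded title attribute."""
    return '<a href="https://example.com" title="' + "a" * padding + '">link</a>'

if __name__ == "__main__":
    long_comment = build_comment(70000)
    print("submitted markup balanced:", not has_unterminated_tag(long_comment))
    broken = has_unterminated_tag(truncating_store(long_comment))
    print("after truncating store:   ", "broken" if broken else "intact")
    print("hardened store accepts it:", is_accepted(long_comment))
```

The point for site owners is that the sanitizer ran on the full, balanced comment; the database produced a different string afterwards, so any check that only looks at input before storage is not enough. Rejecting over-long input and keeping output escaping in place both close that gap.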
SiteLock is proud to present the latest feature in our dashboard: the SiteLock Malware Automated Removal Tool, or SMART. SMART takes the (S)FTP credentials for your website and scans the files in your site for malicious scripts, viruses and other unwanted code. At your request, or automatically, SMART can even remove some of the malicious code from your website and put the cleaned version back in place. With this tool, you can stay protected from hackers who try to break into your website.
In this blog post, we’re going to discuss setting up and configuring SMART. The configuration must be set correctly for the scanner to be able to monitor for malware effectively and clean up infections.
As a SiteLock member with the Professional, Premium or Enterprise package, when you log in to your SiteLock dashboard you will notice a new type of scan in the list. Click it to configure your SMART scan details, and a settings tab will be displayed.
The FTP settings are crucial: they are what allows the SiteLock scanners to connect to and properly scan your site. Before updating the settings on this page, test access to your site with an FTP client such as FileZilla, to make sure we’ll be able to connect to and access your site.
Method for File Transfers
You can select FTP or SFTP for this option. Choose SFTP if your hosting company allows SSH/shell access (enable SSH in your hosting account if you want to use SFTP connections), and be sure to specify port 22 in the port field below.
FTP Host Address
Enter the address of your website here. You can enter your host address (ftp012456.hosting-company.com), your IP address (22.214.171.124) or your website domain (your-website.com). We will use this to access your site.
Enter the username we will use to access your site. Some hosts require a full email address as the username, so be sure to include the full address if necessary.
Automatically Remove Malware
You can elect to have any hack we find malicious enough to warrant removal wiped out automatically. We maintain a massive list of signatures, exploits, bad code and the like, and we use it to identify bad code on the site. In addition to this list of code we know is malicious, we have other mechanisms that identify code as suspicious. Should we find any suspicious code, you’ll be notified in the SMART results and see the reasons why the code was flagged. Should we encounter malicious code that we can clean up, our scanner will remove that code and push the changes live to your site immediately. If you are concerned about this breaking your site and would prefer to clean the malicious code from your site manually, feel free to leave this option off.
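To illustrate the signature-plus-heuristic split described above, here is an added example (not SiteLock's scanner and not its signature list) that scans PHP source for a few constructed patterns. Matches against the signature table are reported as malicious; matches against the heuristics are only reported as suspicious, together with the name of the rule that fired, which mirrors the distinction the post draws. The pattern names, the patterns themselves and the length thresholds are illustrative assumptions.

```python
import re
from pathlib import Path

# Constructed signatures for constructs that are almost never legitimate in a
# site's own PHP (illustrative, not SiteLock's list). Name -> compiled pattern.
SIGNATURES = {
    "eval-of-decoded-blob": re.compile(
        r"eval\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "eval-of-request-input": re.compile(
        r"eval\s*\(\s*\$_(?:GET|POST|REQUEST|COOKIE)\b", re.I),
    "preg_replace-e-modifier": re.compile(
        r"preg_replace\s*\(\s*(['\"])[^'\"]*/\w*e\w*\1", re.I),
}

# Constructed heuristics: not proof of malice on their own, so they are only
# reported as suspicious along with the reason they fired.
HEURISTICS = {
    "long-base64-like-string": re.compile(r"[A-Za-z0-9+/]{200,}={0,2}"),
    "hex-escaped-string": re.compile(r"(?:\\x[0-9a-f]{2}){6,}", re.I),
}

def scan_source(text):
    """Return a list of (severity, rule name) findings for one file's contents."""
    findings = []
    for name, pattern in SIGNATURES.items():
        if pattern.search(text):
            findings.append(("malicious", name))
    for name, pattern in HEURISTICS.items():
        if pattern.search(text):
            findings.append(("suspicious", name))
    return findings

def classify(findings):
    """Collapse findings into the verdict a report would show for the file."""
    severities = {severity for severity, _ in findings}
    if "malicious" in severities:
        return "malicious"
    if "suspicious" in severities:
        return "suspicious"
    return "clean"

def scan_tree(root, suffixes=(".php", ".phtml", ".inc")):
    """Walk a downloaded copy of the site and report every file that is not clean."""
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in suffixes:
            findings = scan_source(path.read_text(errors="replace"))
            if findings:
                report[str(path)] = (classify(findings), findings)
    return report

if __name__ == "__main__":
    import sys
    # Usage: python scanner.py /path/to/downloaded/site
    for file, (verdict, why) in scan_tree(sys.argv[1]).items():
        print(f"{verdict:10} {file}  {[name for _, name in why]}")
```

Keeping the two rule sets separate is what makes automatic removal safe to offer: only a signature hit justifies rewriting a file, while a heuristic hit is surfaced with its reason so the site owner can judge it, which is the behaviour the post describes for its own results.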
Select a Speed for FTP File Downloads
Your host limits how many simultaneous connections it considers appropriate. For faster scans, select 3 connections. Typically, only 1 connection is necessary.
The root directory (synonymous with “document root” and “web root”) is the very base of your website without any additional directories. For example, “http://example.com/” is the root of “example.com”.
This is where you specify the root directory of your website. Most hosting companies use “public_html” as the web root, though some don’t let you outside the web root at all. If you created the SiteLock FTP account and pointed it at the web root, you can use “/” to indicate the root of your FTP account. Otherwise, enter the path to the web root of the website you wish to scan.
If you are unsure which directory is your web root, create a file called “test.txt” containing the text “This is a test of the home page.” Next, upload the file to your website via the FTP account you created for SiteLock SMART. If you can upload that file and then see “This is a test of the home page.” in your web browser at http://my-website.com/test.txt, then your web root in the SiteLock SMART settings is “/”.
If you must change into a sub-directory after logging into your SiteLock SMART FTP account in order to upload the file, then the path you changed into before the file became visible in your web browser is the correct path to enter in the SiteLock SMART settings.
For example, if you use your newly created SiteLock SMART FTP account to access your site and you upload test.txt without changing directories, then the web root is “/”. If you must change directories to something like “/httpdocs/my-website.com/htdocs” after logging in with your SiteLock SMART FTP account before you can upload your test.txt file and see it in the web root, then “/httpdocs/my-website.com/htdocs” is the web root you should use in the SiteLock SMART settings.
One final note on this field: if your web host has told you that your “user home” directory is something like “/home1/user”, omit this from your FTP settings, as it will prevent SMART from finding your document root.
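The test.txt procedure above can be automated. The script below is an added example, not SiteLock's code: it uploads a marker file into each candidate directory in turn, checks whether the marker is then served at http://<your site>/test.txt, removes the marker again, and reports the first directory that worked, which is the value to enter as the web root. The candidate list, the timeouts and the use of Python's standard ftplib and urllib are assumptions; the upload and fetch steps are passed in as callables so the logic can be exercised without a live server.

```python
import ftplib
import io
import secrets
import urllib.error
import urllib.request

MARKER_NAME = "test.txt"  # the same marker file the post suggests uploading

def probe_web_root(upload, fetch, remove=None,
                   candidates=("/", "/public_html", "/httpdocs", "/htdocs")):
    """Upload a marker into each candidate directory and return the first one
    whose marker is served over HTTP, or None if no candidate matches."""
    # A random token guards against a stale test.txt left by an earlier attempt.
    token = "This is a test of the home page. " + secrets.token_hex(8)
    for path in candidates:
        try:
            upload(path, MARKER_NAME, token)
        except (OSError, ftplib.Error):
            continue  # directory missing or not writable: not the web root
        body = fetch(MARKER_NAME)
        matched = body is not None and body.strip() == token
        if remove is not None:
            remove(path, MARKER_NAME)  # never leave probe files on the site
        if matched:
            return path
    return None

def ftp_callables(host, user, password, port=21):
    """Plain-FTP upload/remove helpers built on ftplib. Credentials travel in
    clear text over FTP; prefer the SFTP option when the host offers it."""
    def session():
        ftp = ftplib.FTP()
        ftp.connect(host, port, timeout=15)
        ftp.login(user, password)
        return ftp

    def upload(directory, name, content):
        with session() as ftp:
            ftp.cwd(directory)
            ftp.storbinary("STOR " + name, io.BytesIO(content.encode("utf-8")))

    def remove(directory, name):
        with session() as ftp:
            ftp.cwd(directory)
            ftp.delete(name)

    return upload, remove

def http_fetcher(site_url):
    """Return a function that fetches http://<site>/<name> or None on failure."""
    def fetch(name):
        try:
            with urllib.request.urlopen(site_url.rstrip("/") + "/" + name, timeout=10) as resp:
                return resp.read().decode("utf-8", errors="replace")
        except (urllib.error.URLError, OSError):
            return None
    return fetch

if __name__ == "__main__":
    # Hypothetical values; replace with the FTP account created for SMART.
    upload, remove = ftp_callables("ftp.my-website.com", "smart-user", "password")
    root = probe_web_root(upload, http_fetcher("http://my-website.com"), remove)
    print("web root to enter in SMART settings:", root or "not found among candidates")
```

If the script reports "/", the FTP account already points at the web root; any other value is the path to enter. If nothing matches, extend the candidate list with the directory your host names (without the "user home" prefix the post warns about) rather than guessing.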
(S)FTP Port Number
If you are in doubt, leave this field blank and the default port will be used. Otherwise, enter the port number for the (S)FTP service if it is hosted on a non-standard port.
Maximum Download Time
Here, you can select how long you will permit our scanner to spend downloading files before we stop the download and come back the next day.
Use this option to control how frequently scans take place. Daily is the recommended frequency.
Now that SMART has been configured, click “Submit” and we’ll attempt to connect to your website with the submitted credentials. If the credentials are correct, you will be prompted to scan your site immediately. If not, check the credentials and try again.
Stay tuned for Part 2 of our SMART blog where we will discuss viewing your scan report results. To get the SMART scan for your own website, click here or call our Expert Services team at 877-257-9263.