Why a Secure Database Means Stronger Customer Relationships

By

On February 19, 2020

In Database Security

Most small businesses use a content management system to build their site. These systems are easy to use and offer the capability to add external features and functionality, which allows businesses to design a fully functioning website without a single line of code. CMS applications can reduce the overhead cost of staffing a developer to build and maintain a small business’s website. However, neglecting to understand your website’s internal components — such as its database — could cost you more over time. It’s important to understand the critical role a website database plays in your business’s success and how it could potentially impact your customer relationships.

So, how could your website’s database impact your customers? Essentially, your database is a treasure chest full of your customers’ most valuable information. This data stems from the actions customers take on your website, such as making purchases with a credit card or filling out contact forms that ask for phone numbers and email addresses. All of the information entered into your website lives in that database. As a trusted business, your customers count on you to keep their data secure.

Read More

Assess Your Database Security With This 4-Step Checklist

By

On February 7, 2020

In Database Security

With content management systems like WordPress powering a large portion of the websites online, it’s even easier for first-time website owners to build a sleek, professional site for their online business. Dynamic CMS sites are often powered by a database, which is a critical component to secure. This is where your customers’ information is stored. Any time a site visitor clicks an image, fills out a contact form, or makes a purchase on your website, that information is stored in the database.

As a digital storage room full of important customer information, a database is invaluable to your online business. It drives conversions and is the backbone of how you deliver meaningful content that keeps your visitors coming back — but it’s also valuable to cybercriminals. That’s why your small business should make database security a top priority in 2020.

Read More

Plugin Vulnerabilities: WordPress Fashion Blogger Hit by Zero-Day Exploit

By

On January 30, 2020

In SiteLock Reviews

The desks were filled in the SiteLock Security and Research departments. Our security analysts were furiously working to manually clean malware from a number of WordPress sites. As each site was cleaned a trend began to emerge. Sites built with WordPress were experiencing a malicious redirect that originated in the Yuzo Related Posts plugin due to a Cross-Site Scripting (XSS) vulnerability. Our security analysts recognized they were cleaning the same malware strain found in the Yuzo zero-day exploit.

Lydia Swanson, fashion blogger and owner of ChicandModish.com was just one of many website owners experiencing this issue. In Swanson’s case, the attack not only impacted revenue but also put the future of her brand at risk.

Read More

The Top 3 OWASP Threats Your Business Should Address Today

By

On January 24, 2020

In Cyber Attacks, Data Breach, Small Business

If you’re a small business owner looking to boost your cybersecurity efforts, you’ve likely come across the term “OWASP Top 10.” The Open Web Application Security Project, or OWASP, is a nonprofit group of cybersecurity experts who aim to make cybersecurity resources easily accessible to any business or individual interested in learning about the risks that exist online today. 

The OWASP Top 10 is a list of the most critical web application security risks that anyone with a website should know about, and it’s an especially great resource for small and midsize businesses (SMBs). SMBs tend to have less budget and fewer resources available to defend against cyberattacks, so they’ve become a popular target for bad actors. The OWASP Top 10 list can help pinpoint possible vulnerabilities to help establish your cybersecurity priorities.

However, there are three threats from the OWASP Top 10 list that we think SMBs should know about and address immediately. Keep reading to learn more about these threats, as well as tips for securing your business against them.

Read More

3 Ways to Prevent a URL Redirect Attack

By

On January 16, 2020

In Cyber Attacks, Firewalls, Malware

Cybercriminals are stealthy in their attacks — especially when financial gains are involved. With this type of attack, hitting the jackpot requires time and patience. Regardless, cybercriminals also employ “noisy” attacks, or ones intended for victims and other website visitors to see. These typically promote very radical or personal views on various subjects. Some common attacks, however, can be either noisy or stealthy, and this includes URL redirection attacks.

Read More

SiteLock’s Top Five Cybersecurity Predictions For 2020

By

On January 9, 2020

In SiteLock News

It’s safe to say that the volume and magnitude of high-profile data breaches and ransomware attacks that punctuated 2019 really kept the cybersecurity industry on its toes. Data breaches stole numerous headlines this year, including the notable Capital One breach that exposed more than 100 million customers’ accounts. In fact, New Orleans even declared a state of emergency due to the large number of public services that were directly impacted by this ransomware attack. In comparison to last year, research shows that data breaches have increased by 54% — making 2019 “the worst year on record” for data breaches. 

According to SiteLock researchers and cybersecurity experts, the threat landscape will only continue to grow in 2020 and will likely bring even more new challenges with it. We’ve analyzed the current state of the industry and packaged up our top five cybersecurity predictions for 2020.

Read More

SiteLock INFINITY Wins the 2019 Cloud Security Excellence Award

By

On December 30, 2019

In SiteLock News

We are excited to announce that SiteLock® INFINITY™ has been recognized as a WINNER of the 2019 Cloud Computing Security Excellence Awards! The Cloud Computing Security Excellence Awards, presented by TMC’s Cloud Computing Magazine, honor solutions in two categories: solutions that most effectively leverage cloud platforms to deliver network security, and those providing security for cloud applications.

Read More

What Is Malvertising and How Do You Prevent It?

By

On December 12, 2019

In SiteLock News

Did you know that a malicious advertisement could look exactly the same as a legitimate one?

Malware is constantly changing as cybercriminals look for new methods to wreak havoc on website owners and visitors. One of their main tactics is malvertising — tricking visitors into downloading malware disguised as online ads — which can cause problems for both your business and customers. Cybercriminals carry out malvertising cyberattacks in two ways: They either inject malicious code into legitimate digital ads, or they create fake ads and distribute them through ad networks.

It’s easy for an end-user to fall victim to a malvertising attack. Because these devious ads have the same look and feel as legitimate ones, the illicit ads can slip by security checks during the approval process. Once someone clicks the infected ad, it starts a malicious download process and ultimately infects the user’s computer.

Read More

A Small Business Owner’s Guide to Preventing SQL Injection Attacks

By

On December 5, 2019

In Cyber Attacks, Data Breach

SQL injection is such a common tactic in cybercrime that it’s been named a top security threat by the OWASP Top 10, a powerful awareness document representing the most critical security risks to web applications. If you’re not protecting your website from this type of attack, your business and customers are at risk.

So what is an SQL injection attack, and why is this method so popular among professional and amateur cybercriminals?

Read More

How to Prevent Cross-Site Scripting Attacks

By

On November 21, 2019

In Cyber Attacks

In November 2018, security researchers from Check Point made an interesting discovery about the wildly popular game “Fortnite” — the website was vulnerable to cross-site scripting attacks. Thanks to an old, unsecured webpage, researchers found out that potential hackers could gain unauthorized access to users’ accounts, in-game currency, and audio recording capabilities — all without ever needing their login information.

The cross-site scripting attacks that dominate headlines tend to be larger-profile cases with big-name companies; in reality, businesses of all sizes can fall victim to this kind of cyberattack. In fact, cross-site scripting attacks account for 31% of all attacks — making it the most common type of attack (followed by SQL injection at 20%).

Read More

Page 1 of 69

Next →

Categories

Archives

SiteLock Blog Topics

botnet Case study community interview Content Delivery Network (CDN) Cross-Site Scripting (XSS) cybercrime cybersecurity laws data privacy data protection data security DDoS Attack Drupal ecommerce event recap Hosting Provider how to Internet of Things (IoT) Joomla malvertising malware Malware removal Malware Scanner national cybersecurity awareness month (NCSAM) password security PCI Compliance phishing protect your online business ransomware recap Safe Holiday Shopping Security Updates SiteLock events SiteLock reviews SQL Injection (SQLi) Target Vulnerabilities vulnerability web application firewall (WAF) web application security website scanning website security Website Security Insider WordCamp wordcamp recap wordpress

Quick Links

SiteLock.com