SiteLock© INFINITY™ Patches the Joomla! Contact Form Vulnerability

By

On August 15, 2019

In Joomla! News, SiteLock Research

Joomla! released version 3.9.11 on August 13, 2019, to patch vulnerabilities found within versions 1.6.2 and 3.9.10. This latest security update fixes a vulnerability that allows for mail submission in disabled forms. 

Prior to this patch, it was possible for anyone to submit a mail submission to a form even if it was disabled. Com_contact is activated by default in Joomla! installations. This means any user running Joomla! versions 1.6.2-3.9.10 are affected by this vulnerability. With no contacts established or the functionality is disabled, the plugin should not have the ability to send an email, however, with this particular vulnerability it can still send spam emails.

Read More

Content Delivery Network Security Best Practices

By

On August 12, 2019

In Cyber Attacks, Firewalls

Despite what your lightning-fast Wi-Fi connection may indicate, the internet is not instantaneous. When someone visits your website, it takes time for content such as text, pictures, and videos to travel from the point of origin to wherever the website’s visitor is located. The further apart the two points are, the longer it takes for the content to be delivered.

Content delivery networks exist to expedite this process. Imagine your business is based in Boston and someone visits your website from San Francisco. If the content had to travel completely across the country, the website load time would be extremely long. CDNs improve this process by storing content on servers located throughout the country in data centers called “points of presence.”

Read More

The 2019 Database Gold Rush

By

On August 8, 2019

In Database Security, SiteLock Research

The California Gold Rush began in 1848 when James W. Marshall discovered gold at Sutter’s Mill in Coloma, California. Just over 170 years later, we are experiencing a similar rush, only this time it is data being mined, instead of gold. The data gold rush may have had a slower start, but the value to those who are doing the mining is similar.

What Makes Databases So Valuable?

Read More

Protect Customer Data with the Enhanced SMART Database Scanner

By

On August 6, 2019

In Product Updates, SiteLock News

30% of all malware cleaned by SiteLock’s Expert Services is located inside website databases. With databases housing critical customer data like emails, addresses, and other personal information, we knew we needed to develop a comprehensive solution to keep companies secure. That’s why we launched SMART® Database (SMART/DB™) two years ago, automatically detecting spam or malware found within critical WordPress database tables.

We are excited to announce we are taking database security a step further. 

Read More

These 3 Automated Cybersecurity Tools Will Save You Time and Money

By

On August 2, 2019

In Cybersecurity News, SiteLock News

As cyberattacks become increasingly automated, website owners must come to the realization that it might be time to fight fire with fire. Manual detection and removal is becoming increasingly unrealistic — even with the most highly skilled team of cybersecurity specialists at your disposal. 

Implementing automated cybersecurity tools is the best way to not only prevent cybersecurity attacks but also reduce the time it takes to identify and contain successful ones — which is a major determinant of the overall cost of a cyberattack. Downtime from a cyberattack can cost small businesses as much as $427 per minute. Automated cybersecurity tools can notify you of an attack as soon as it occurs so you can spring into action.

Read More

The Ultimate Incident Response Plan Checklist

By

On July 30, 2019

In Data Breach, SiteLock News

How do you resolve a cyberattack as quickly and completely as possible? A cyber incident response plan is designed to answer that question. The plan kicks in immediately after an attack and outlines exactly how your company will use its resources to minimize the damage and overcome the incident. In as much detail as possible, it describes who will be involved, what individuals’ roles will be, and which procedures they will need to follow.

Read More

How to Assemble a Cybersecurity Incident Response Team

By

On July 25, 2019

In Cyber Attacks

A cybersecurity incident response plan is the best way to ensure your business is ready to, well, respond to a successful cyberattack. The most effective plans delegate specific responsibilities to individual team members so that when a hacker strikes, everyone knows his or her next steps. 

When building your response plan, the first question you should ask is: “Who should be on the cybersecurity incident response team?”

Read More

How You Should Respond Internally to IT Security Incidents

By

On July 18, 2019

In Data Breach, SiteLock News

In a single day, websites experience, on average, nearly 60 cyberattacks. And for small businesses, successful attacks can have a lasting impact: 60% of small businesses will go out of business following a successful breach due to the costs of recovery.

In this article, we’ll talk about IT security incidents, which are events that indicate an organization’s systems or data have been compromised or that existing cybersecurity measures have failed. The key to staying afloat during an IT security incident is preparation — and effective communication is a major component in that. Knowing how to communicate transparently, both internally and externally, in the wake of an attack not only builds trust with your employees but also helps protect your reputation.

Read More

Mitigation Strategies for Cyber Attacks at Your Small Business

By

On July 15, 2019

In Cyber Attacks

If you’re wondering how to protect your small business against a cyber attack, you’re not alone. Almost 60% of cyber attack victims are small businesses, and within two years of the first attack, the likelihood that a small business will experience another is approximately 28%

In response, entrepreneurs everywhere are looking for a mitigation strategy that limits any potential damage while meeting their business needs. Even if you implement preventive security measures, such as keeping your website software up-to-date, perfect cybersecurity is never a guarantee, especially as hackers become more persistent and use more sophisticated methods.

Read More

Types of Cybersecurity Threats Your Incident Response Plan Should Include

By

On July 10, 2019

In Cyber Attacks, Data Breach

Cybersecurity threats aren’t going away anytime soon. In fact, our annual security report illustrates that the number of daily website attack attempts increased by 59% between January 2018 and December 2018. This increase shows that cybercriminals are not only deploying attacks more often, but also using automation technology to do so. 

The good news? These attempts appear to be getting less successful. Of the 6 million individual websites that we analyzed, only 60,000 were actually compromised following an attack attempt, indicating that website security tools are getting better at fending off attacks.

Read More

Page 1 of 67

Next →

Categories

Archives

SiteLock Blog Topics

botnet Case study community interview Content Delivery Network (CDN) Cross-Site Scripting (XSS) cybercrime cybersecurity laws data privacy data protection data security DDoS Attack Drupal ecommerce event recap Hosting Provider how to Internet of Things (IoT) Joomla malvertising malware Malware removal Malware Scanner national cybersecurity awareness month (NCSAM) password security PCI Compliance phishing protect your online business ransomware recap Safe Holiday Shopping Security Updates SiteLock events SiteLock reviews SQL Injection (SQLi) Target Vulnerabilities vulnerability web application firewall (WAF) web application security website scanning website security Website Security Insider WordCamp wordcamp recap wordpress

Quick Links

SiteLock.com

Powered by WordPress & Theme by Anders Norén