Drupal has released two additional security updates in the wake of the Drupalgeddon2 critical vulnerability patched on March 28. These updates continue to address vulnerabilities related to the remote code execution vulnerability found in March in both Drupal 7.x and 8.x applications.
Month: April 2018 Page 1 of 2
This year’s DrupalCon took place in Nashville, TN, over the entire week of April 9-13, and I had the privilege of attending for the first time in 6 years. It was held at the very same venue as WordCamp US, Music City Center, with almost 3,000 people filling the halls and auditoriums to connect and learn more about Drupal.
This weekend I had the pleasure of representing SiteLock in our sponsor booth at WordCamp Atlanta, and it was an astounding experience. I find myself amazed at the wonderful and diverse crowd that every WordCamp draws. From speakers sharing their tips for success, to all of the individual attendees with their own stories to tell, the WordPress community at large is an endless fountain of inspiration, knowledge, and collaboration.
This past weekend we were back in San Diego as Gold Sponsors at WordCamp San Diego. I had a blast at our sponsor booth, as well as attending and speaking at my first #WCSD.
In March, Drupal released version 8.5.1 addressing several critical security vulnerabilities. At that time, there was no evidence of the vulnerability being exploited to attack Drupal sites However, on April 12, 2018, a security research firm released a detailed analysis of the vulnerability and steps to exploit it. In the days since this release, multiple exploits of the Drupalgeddon2 vulnerability have been reported.
Continuing to deal with the fallout from the Cambridge Analytica data scandal, last week, Facebook founder and CEO Mark Zuckerberg, testified before U.S. Congress admitting he never audited Cambridge Analytica to ensure the Facebook user data collected had been deleted. Also in the news this week, Panera Bread experienced a data breach that exposed millions of customers’ personal data for as long as eight months. Despite being warned by multiple security researchers, Panera did not disclose or address the leak until last week.
This weekend SiteLock sponsored SNAP, a conference focused on the business of blogging for DIY creatives including modern handmade items, contemporary crafts, home-based events, and dozens of other creative entrepreneurs.
I was honored to present a roundtable session titled “Cybersecurity: Protecting You and Your Blog” about personal and website security, where I shared a checklist of tips about how to keep your personal information private, how to prevent your business blog from being hacked, and what to do if the worst happens.
SNAP isn’t your typical WordPress conference, although the majority of attendees are utilizing that platform. Every session was focused on teaching attendees how to utilize their blogs and social channels to generate a full-time income from their amazing craft-related content and tutorials.
We’re excited to announce that SiteLock® INFINITY™ has won the Threat Detection category for a Product or Service in the inaugural Fortress Cyber Security Awards presented by Business Intelligence Group. In addition, the judges were so impressed with our product that they awarded INFINITY the highest possible rating!
Last December, Patchman announced it was bringing automated core CMS patching to eCommerce applications. Adding to their already robust eCommerce portfolio, we are pleased to announce that Patchman is now offering automated core CMS patching for PrestaShop. PrestaShop is a free open source eCommerce application designed to make online stores accessible to businesses of all shapes and sizes. The application boasts over 270,000 active sites and a community of over 1 million users in 195 countries. Through partnerships with industry leaders like Google and PayPal, PrestaShop’s mission is to help all businesses build a successful online storefront.
Ding ding ding! The bell just rang, and the match has begun. In one corner of the ring stands your WordPress website, flexing 15 plugins, a custom theme, and a brand-new layout designed to attract more visitors. In the opposite corner is a snarling cybercriminal, with an undefeated record in defacements and a two-time championship belt in malware infections. Is your website prepared to fight back?
In today’s threat landscape, cybercriminals are increasingly attacking WordPress websites. In fact, the average website experiences 44 attacks per day, and WordPress websites are two times more likely to be compromised than non-WordPress sites. As a website owner, it’s time to get off the mat and fight back!