Author: Lauren Papagalos

XSS vulnerability - cross-site scripting

Beware of Cross-Site Scripting!

The popularity of blogging software, with all its vulnerabilities, has spawned thousands of malicious cross-site scripting attacks. With each technological advance, new targets are created for the unscrupulous hacker.

Who Has Been Targeted With Cross-Site Scripting?

Hackers have not neglected immense commercial sites. Facebook, PayPal, Hotmail, Gmail and Twitter have all had issues with cross-site scripting. Often referred to as XSS, cross-site scripting is a major threat to blogs. Owners of blogs should be aware of the dangers, and what actions must be taken to prevent a cross-site scripting attack on their site.

Blog Vulnerabilities and XSS

Most cross-site scripting vulnerabilities take place on server-side code, while DOM (document object model) is a method used by hackers to exploit vulnerabilities on client-side code. Running antivirus or spyware blockers provide some protection, but not nearly enough to prevent attacks from outside.

Read More

malware removal

Finding Malware In A WordPress Website

What types of malware are most commonly found in WordPress websites, and how do they get there?  SQL injection, JavaScript insertion and .htaccess hacks are all common ways to alter the content of your WordPress website. Some malware scripts redirect users to another website, others insert malicious links and others use the .htaccess file to steal your website’s Google ranking.

Common Types Of WordPress Hacks

If you suspect that you have been hacked, here are some common signs to search for in your website code:

An Altered .htaccess File

The .htaccess file is always in the root directory of your WordPress site. This file lets you write rules to control how the server handles website requests, such as Google crawler access or URL redirects.

Read More

Cyber criminals

Protect Your Website From Cybercriminals

Cybercriminals are intelligent and malicious, and their sole purpose is to compromise your website security, in an effort to confiscate valuable, confidential and personal data.   No website, large or small, is exempt from unscrupulous cyber attacks.  The infamous website hackers that make headlines concentrate their efforts on major corporations, government entities and other high-profile organizations. However, there are equally dangerous cybercriminals that prey on small businesses and individuals.

Why Are Small Businesses Targets By Cybercriminals?

The vulnerability of small businesses is greater, due to a lack of expertise in the area of security and limited resources to employ a security professional. In 2010, the National Retail Federation and First Data Corporation conducted a survey targeting small to mid-sized businesses. The results were significant and revealed that more than half of the businesses surveyed thought that they were not susceptible to credit card and personal data theft. Half of the businesses surveyed had not checked the effectiveness of their website’s security system. This is the kind of news that cybercriminals love to hear.

How Cybercriminals Find Vulnerable Targets

Cyber criminals use sophisticated scanning devices to locate security weaknesses. Their goal is to penetrate the limited security most small businesses use. This can spell disaster for a company. One security breach can result in the loss of credibility, as well as the loss of your customers’ trust. USA Today and the Wall Street Journal have recently published articles referencing the increase in cyber attacks on small to mid-sized companies. They steal funds from the business, as well as the credit card information of their clients and customers. It’s a double whammy.

These Internet thieves have planted malicious software, or malware, in the terminals of computerized cash registers, lifting credit card numbers and passwords. Inserted malware links in emails entice unwitting victims to websites that harvest all of their personal information including credit card data, passwords and bank account numbers. The email claims to be from the IRS, their bank, or other financial institutions and always requires an “urgent” response. It only takes one careless employee to make the mistake that can bring a business to its financial knees.

What Can Small Businesses Do?

Internet security is a critical “must” for every business. the increase in criminal cyber attacks on small businesses has created the need for affordable and comprehensive website security. SiteLock is a company founded for the purpose of providing affordable website security solutions for small to mid-sized businesses. SiteLock’s technology specialists have developed a 360-degree website scanning system that provides deep scanning to expose any vulnerabilities on your website. If issues are detected, SiteLock can provide the service you need to remove malware, clean up your site and secure it against future attacks.

Building Online Trust

As technology advances and the global market continues to expand, small companies depend more and more on their websites to increase business. They have to assure their customers that their website is a safe place to conduct business. SiteLock builds confidence and trust with your customers and has proven to increase sales. With the SiteLock Trust Seal, your customers will feel safe conducting business on your website, resulting in increased conversions.

Don’t take chances when there is affordable security at your fingertips with SiteLock. Call 855-378-6200 to find a SiteLock security package that fits your website size and complexity.

What To Do If Your Website Has Been Hacked

With luck, you’ve never experienced a website hack, but many of us have. You look at your site in the morning and it’s scrambled, gone, or worse – it’s showing links to unsavory sites. In some ways, that’s the least unfortunate case, because at least you know immediately that something is wrong.

Read More

Was Your Website Hacked? Six Signs To Look For

It’s sad, but true – many website owners aren’t aware that their site has been hacked until the symptoms are serious. The importance of learning to recognize the signs of a hack cannot be overstated. Of course, it is best to have preventative measures in place to avoid the disastrous results caused by malicious hackers. But if your site has undergone an infiltration, there are some definite warning signs that require immediate attention.

Signs of a Website Hack

If your site has experienced any of the following problems, it is likely that it has already been hacked, and it is critical to get help immediately.

Search Engine Result Changes

If you are not in the habit of checking your search engine results, it is a habit you need to form. When looking at these results, if you observe pages with unusual names, or non site-related text and topics, you have been hacked.

Rapid Drop in Traffic

If potential visitors receive a warning that your site may be harmful to their computer, they will not click on your site. Alternatively, if they receive a virus warning from their own antivirus software, they will leave the instant it pops up. This will result in a significant decrease in traffic to your site, because you have been hacked.

Customers Redirected

If people are being redirected to another site when trying to access your site, you have been hacked.

New Code

If your source code has changed and contains new files, text, or links, you have been hacked. Check your source code frequently. It is an excellent indicator of malicious activity.

Google Blacklist

The one thing no website owner wants to see is a Google warning on their search engine listing. If you see “This site may harm your computer” next to your website listing, you have been hacked.

Someone Reports Getting a Virus

When a customer, or potential customer, gets a virus from your website, your credibility and reputation are at risk. You have been hacked.

It takes years to build a solid online reputation, but only seconds for a malicious hacker to destroy it. Don’t wait another day to be sure your website is secure. Contact SiteLock today at www.sitelock.com or 877-257-9263.

Page 26 of 26

Powered by WordPress & Theme by Anders Norén