SiteLock is expanding the network behind our web application firewall, TrueShield, and our content delivery network, TrueSpeed. To accommodate our growing customer base, we’re adding over 130,000 new unique IP addresses on May 1st, 2017. This will require some customers to make changes to their firewall or web server configuration to ensure our new servers are compatible with your website’s hosting server. If these changes are not made by May 1st, 2017, your site visitors may be restricted from accessing your website.
Author: SiteLock Page 11 of 24
Last year we published an #AskSecPro series where we explained how signature-based malware analysis works, as well as how traditional signatures are created. An area we don’t often talk about in public channels, but has played a pivotal role in SiteLock becoming a global leader in website security solutions, is our research and development efforts in new security technologies. In addition to our more traditional approaches to malware detection, SiteLock continues to explore new frontiers in technological improvement to push the field of security research forward. For some time SiteLock has been developing machine learning mechanisms as part of its process for discovering new malware iterations on an automatic basis. Our research in the field has shown that machine learning promises to be an important part of early malware detection and preliminary identification. One of the most significant breakthroughs we’ve had in machine learning as it pertains to malware detection and signatures, has been in feature-based signature analysis.
We are excited to share that SiteLock has been named to the 2017 Gartner Magic Quadrant for Application Security Testing for the second year in a row! Designed to analyze and test applications for security vulnerabilities, application security testing (AST) is growing faster than any other security market, according to Gartner.
In Part One of our #AskSecPro series on WordPress Database Security, we learned about the anatomy of WordPress. Now that we have a firm understanding of the role the WordPress MySQL database plays in a WordPress installation, we can take a look at the various ways an adversary can exploit the mechanisms involved. We’ll also explore some of the ways to defend your database against compromise.
Over the last few days you may have heard the term #Cloudbleed thrown around the water cooler. Some of the questions our customers are asking us include, “What is Cloudbleed?” and “Am I protected from Cloudbleed?” As your resident Security Professional, I’ll be glad to help you to understand what the Cloudbleed buzz is all about and how it may impact you.
— First, I want to be very clear that the Cloudbleed bug does NOT impact SiteLock TrueShield™ WAF/CDN. More below.
We are excited to announce that SiteLock has been named one of the 2017 100 Best Companies in Arizona by BestCompaniesAZ! Even more exciting, we’ve been recognized in the category “Best of Cool,” which honors Arizona’s top organizations that create strong, unique corporate cultures and promote creativity and innovation.
We are lucky to have an excellent team of dedicated individuals who work hard to support the growth and success of our company. Our open working environment offers lots of transparency and employee freedom to share ideas and challenge the status quo. We operate under a true open-door policy and try our best to ensure our employees enjoy coming to work each day.
This month we’ve seen WordPress websites bombarded with defacements and remote code execution attempts by abusing a vulnerability in the WordPress REST API. As could be expected, compromises motivated by financial gain have now made their debut through the same vector. This most recent flavor of defacements focuses on driving traffic to a rogue pharmacy website, where the visitor is encouraged to purchase — you guessed it, “authentic” erectile dysfunction medication.
Dan Karr is the founder and CEO of ValChoice.com, a company with a mission to “give every consumer in America a free analysis of their insurance company.” After an awful car accident, Karr was unable to recover almost $100,000 worth of medical expenses from his health and auto insurance companies. As a husband and a father of three, the financial strain put pressure on his entire family. “After that experience, I vowed to prevent this from happening to any other family by leveraging my technology background to bring transparency to the insurance industry,” said Karr. That’s when ValChoice.com was born.
ValChoice.com provides its customers with a detailed, easy-to-understand analysis of the value, protection and services that insurance companies offer. As the company website states, ValChoice.com is “an independent, unbiased and trusted source of information about insurance companies.”
In the continuing saga of the WordPress REST API vulnerability in WordPress 4.7 and 4.7.1, SiteLock has identified that at least one hacker has launched a campaign specifically attempting remote code execution (RCE) on WordPress websites. The attacks aim to take advantage of WordPress websites using plugins that enable PHP to run inside of posts. If successful, the attack injects a line of code that ultimately downloads a series of malicious files from a Pastebin repository. These malicious files are used to install backdoors and automatically steal information from websites. When unsuccessful at remote code execution, the attack overwrites existing posts and leaves behind PHP shortcode.
For most people the year is still just getting started, but for some website owners the year has already packed quite a punch in the form of website attacks. This month hackers exploiting a vulnerability in the WordPress REST API successfully defaced over a million websites in what has become one of the largest website defacement campaigns to date. The attacks injected content that overwrote existing posts on WordPress websites running versions 4.7 and 4.7.1, leaving website owners with an immeasurable number of “Hacked by” posts across the droves of impacted websites.
Many website owners who have unfortunately found themselves in the proverbial trenches of a digital battlefront, some of which had at least some security measures, are facing a difficult data recovery situation. It is from these recent events that the next Ask a Security Professional question was crafted; How can I better protect my data?
I feel that it’s important to fully understand what the problem is in order to best understand what forms a solution can take. In Part One of #AskSecPro we’ll cover an introduction to some of the infrastructure behind WordPress. Let’s start at the beginning.