Category: Cybersecurity News Page 8 of 9

Why Website Malware Removal Just Got Even More Urgent

Website malware removal is probably not at the top of your daily “to do” list, and yet it’s something that no business can ignore, even for a day. And new tactics by ransomware authors might just push that task right to the top of your list.

Ransomware is one of the most dangerous types of malware to emerge in recent years. It works by encrypting all the files it finds on infected computers and then demanding a ransom be paid for this files. That ransom can be as high as $10,000 but even paying it might not result in a good outcome. If you’re a business owner, the impact on your business could catastrophic and chances are you’ll never see those files again.

Read More

7 Website Security Tips You Can’t Afford To Ignore

With thousands of attacks daily on websites of all sizes, we thought we’d get your day started with some simple website security tips that should be a regular and central part of your security routine. And here’s why.

As hackers of all sorts constantly probe businesses of all sizes for any kind of vulnerability they can exploit, websites could by far be the biggest hole in security. And just one recent hack should have been a wakeup call for anyone responsible for website security. In the world of security breaches it seems like a lifetime ago, but it was less than three months ago that a company called Hold Security reported finding a stash of more than a billion usernames and passwords, along with half a billion email addresses, on the servers of Russian hackers.

Read More

Shellshock exploit

Shellshock Exploit Exposes Millions Of Servers To Hackers

Remember Heartbleed, that age-old bug that only surfaced last year and left more than half of all internet servers around the world exposed? Looks like we might have yet another Heartbleed on our hands. This one has been codenamed Shellshock.   Experts are already saying the Shellshock exploit could impact millions of Unix systems that operate on Linux or Mac iOS. And may even threaten consumer devices including home routers.

Read More

10 Ways To Keep Hackers Away and Protect Your Data

moneydownthedrain1. Don’t Keep What You Don’t Need

Most businesses hang on to too much data for too long. And it’s often data that they don’t need. Or worse, didn’t realize they even had. So do a spring-cleaning. Do an inventory of all your data and everywhere you keep it. Identify what you don’t need, then get rid of it forever. And not by simply hitting the Delete key, but overwriting it to military standards or shredding it. When it comes to data breaches, you can’t lose what you don’t have.

2. What You Do Keep, Know Where It Is

So many data breaches result from data being in the wrong place at the wrong time. Like highly sensitive customer or employee information being carried around town or across the world on an unprotected laptop. As part of your inventory you need to know where your data is at all times so that you can protect it at all times. That means checking servers, desktops, laptops, websites, tablets, phones, removable storage, filing cabinets, storage lockers, warehouses, third parties and anywhere else it might be hiding.

3. Classify Your Information

Not all information is created equal. And understanding that you can’t protect all data all the time, you have to focus on the stuff that’s worth protecting. That’s where data classification comes in. There are a number of different ways to classify data, but they’re usually a series of three to five categories of importance – from top secret to simply private and confidential. By assigning a security classification to your data, you make it easier for employees to instantly understand how they need to handle that data.

4. Encrypt

In most states, you get an almost free pass on data breaches if the breached data was encrypted. That’s how good encryption is at making data useless to hackers. Encryption is getting much easier to implement and afford. Encryption isn’t just for credit cards and online transactions. In any business you can easily encrypt files, folders, hard drives, texts, phone calls and emails, photos and videos, and just about any kind of data.

5. Comply With PCI

The credit card companies are pretty good when it comes to protecting information, which is why PCI compliance is a great baseline. It’s not perfect and not a guarantee, but you should never be without it.

6. Lock Down Your Website

Many of today’s breaches start with the exploitation of poorly protected and patched websites. Which is really a shame because it’s so easy to protect your website. Make sure you’re using some kind of web scanning or monitoring service that will find and fix security holes before hackers do.

7. Turn Every Employee Into a Data Sentry

Technology only goes so far when it comes to preventing data breaches. People fill that gap, and the most important people are your employees. Every employee needs to understand the value of data, the risks of breaches, and how their choices can make all the difference

8. Try Not to Move It

If you know where your data is and you don’t plan to move it any time soon, then it’s very easy to lock it in place. But data is at its most vulnerable when it’s on the move – like stored on a traveling laptop or phone, sent on tape to a third party like a payroll processor, or even being emailed between employees.

9. Don’t Forget Paper Records

It’s estimated that one in every five data breaches involves paper records. That means documents stolen from a briefcase or in a burglary, dumped without shredding, or simply mislaid. So as part of your inventory you need to go through the piles of information in every office, pick what you have no more need for, and shred it.

10. Use Layers of Security

While antivirus software is important, it’s not enough. While website security is essential, it’s not enough. While good passwords are a must, still not enough. Hackers after your data are relying on the fact that you might be relying on just one or two layers of security between them and your data. Good security is about creating multiple security perimeters that convince hackers that you’re just not worth their time and energy.

Securing your website can be a daunting challenge. Contact a SiteLock consultant today to learn how to quickly and easily secure your site.

Google Author: Neal O’Farrell

Russian Hackers Caught With 1 Billion+ Stolen Passwords

Russian hackersSeems like just about everyone thought that the massive Target data breach earlier this year would be the biggest for a while. Yet only a matter of weeks later, eBay announced a data breach that was even bigger.

Now we’re learning of a hacker haul that makes those earlier breaches look like chump change. Security researchers in Milwaukee revealed that they’ve been monitoring a hacking gang operating from a small Russian town, and found the gang had managed to amass a database of more than 1.5 billion stolen credentials.

Here’s just a sample of what the investigators learned about the hackers, and the implications of their haul:

Read More

Will Website Security Soon Be Mandatory?

When the Federal government starts rolling out legislation that requires all federal websites to make sure they’re a secure place to visit, it’s worth speculating whether regulating business websites for the same purpose might not be very far behind.

The Safe and Secure Federal Websites Act was first introduced as a bill in 2013 and was finally passed into law in July of this year. The law requires that any federal agency that launches a new website, or that has launched any website since 2012, has to certify that those websites are safe.

Read More

Could Hackers Really Clone Your Business?

business cloneIt’s bad enough to get a bunch of calls from irate suppliers wondering why you haven’t paid bills that are months overdue. But it’s even worse if you have no idea what they’re talking about. That’s how one small business owner found out what it was like to have his entire business hacked and cloned by people he never met and never caught.

Read More

Malware

10 Important Security Considerations For Your New Website

So you’re thinking about finally launching your first website. Or you’ve had a website up and running for years but it’s time for an upgrade, an overhaul, and brand new chapter in your online presence.

You’ll have plenty of things to think about and to get right, so just make sure you don’t leave security as an afterthought.

Read More

Why the eBay Data Breach Didn’t Get The Same Attention As Target

eBay data breachIt seems a no-brainer that the recent massive eBay data breach should be a much bigger story than the Target breach. After all, the Target breach “only” affected 110 million customers where the eBay breach impacted closer to 150 million customers.

Read More

Was 2013’s Target Security Breach Really Just The Work Of A Teenager?

grounded_for_lifeWhat’s worse than being recognized as the biggest data breach in history? How about finding out that the culprit responsible for a major hit on your brand and reputation that will eventually cost you billions of dollars was a teenager?

That’s exactly the news Target is dealing with, as security researchers suggest that at least one of the hackers behind the malware used to attack Target is barely 17 years old. Yet this teen was apparently able to develop a pretty sophisticated piece of malware, known as BlackPoS, that was used to infiltrate Target’s systems undetected. And in spite of his young age he’s reported to have already earned a reputation for developing lots of advanced malware. It’s not believed that the teenager is personally responsible for the attacks on Target, but instead sold his malware to dozens and possibly even hundreds of hackers and criminal groups. And one of those groups was behind the Target breach.

Read More

Page 8 of 9

Powered by WordPress & Theme by Anders Norén