Category: SiteLock News Page 6 of 7

Cybersecurity Report: July 28, 2015

UCLA Health Hacked, 4.5 Million Victims

Last week, hackers broke into UCLA Health, the hospital network of the University of California, Los Angeles,acquiring access to database with sensitive records of 4.5 million people and potentially affecting four hospitals and 150 offices across Southern California. According to the university, the potential breached information included names, medical information, SSN, Medicare numbers, health plan IDs, birthdays and physical addresses.The network made this announcement two months after the data breach was discovered. The hospital group is now offering affected staffs and patients one year of identity theft recovery services.

Read More

How VPS Hosting Can Help Secure Your Website

Hosting your website on a Virtual Private Server (VPS) can be a great way to improve your website’s security when compared to shared hosting. Why?

Think of shared hosting as sharing an apartment – it’s economical, but roommates can often bring on unnecessary trouble. If a thief steals some of your roommate’s belongings, chances are they’ll steal yours as well. Similarly, if a hacker injects website malware into another website on the same server as yours, it can affect your website as well.

With a VPS, your website has its own partitioned space, operating system and (usually) unique IP address, isolating it from cyber attacks. A VPS also provides access to the console, something that shared hosting usually doesn’t allow, which can be helpful when removing malware.

Neill Feather, President of SiteLock, has written a blog post explaining more security benefits of a VPS and website firewall on IT Toolbox – you can read it by clicking here.

SiteLock Website Security

Must-Know Privacy and Security Compliances

With cyberattacks and data breaches on the rise, privacy and security compliances are more important than ever. What are compliances you ask? Generally, they’re laws designed to protect private consumer and company data from being stolen and exposed.

Privacy and security compliances span across many industries – education, government, health and technology, like cloud and SaaS. You may have even heard of a few of them, like HIPAA or SOC.

Govloop

Neill Feather, president of SiteLock, recently wrote an article highlighting the top 3 privacy and security compliances that you should know, along with some tips to help organizations improve website compliance.

Read Neill Feather’s Govloop article for more information. If you have any questions about how to secure your website, give SiteLock a call at 855.378.6200. We are available 24/7/365 to help.

 

Five Common Website Security Issues

five common website security issues

Websites and web applications are being hacked more than ever these days (especially with the rise of online businesses and B2B SaaS-based platforms). If a hacker gains access to the system, they can compromise financial records, medical records and other personal information such as Social Security Numbers and credit cards.

SiteLock president Neill Feather recently wrote an article on B2BNN, covering 5 security issues that many websites and web applications face, with solutions, including handling payments  (PCI compliance), malware and password enforcement. For the full article, click here.

SiteLock Sponsors WHD.usa 2015

WHD.usa (WorldHostingDay USA) is an upcoming networking event for the hosting and cloud service markets, bringing together local service providers and international IT companies. WHD.usa will be WHD’s first event in the United States, and is taking place on May 19-20, 2015 at the 7Springs Ski & Mountain Resort in Pennsylvania.

Read More

5 Must-Read Cybersecurity Websites

Cyber MondayThere’s no doubt that cybersecurity is on the rise. As the world continues to experience data breaches, more and more of these stories have been filling headlines.

With so much cybersecurity overage, it can be difficult to sort through the noise and identify the most important stories. That said, we’ve put together a list of the top five must-read websites that you should add to your daily reading list:

Read More

SiteLock President Named to Prestigious Online Trust Alliance’s Board

Neill Feather

SiteLock announced today that its president, Neill Feather, has joined the board of the Online Trust Alliance (OTA), a leading non-profit organization dedicated to building online trust.

“SiteLock’s mission aligns perfectly with that of the OTA, so it is a pleasure for me to join its board and forward both our organizations’ goals,” noted Neill Feather, President of SiteLock. “SiteLock and the OTA are strong proponents of educating businesses and, collectively, we hope to share best practices and thwart the rising number of dangerous and malicious cybercriminal efforts.”

Read More

SiteLock and Web.com Group Announce New Partnership

sitelock web.com partnershipSiteLock website security just announced a partnership with Web.com earlier today, who will now offer SiteLock’s suite of website security products to customers who sign up for their hosting plans.

Web.com, including Network Solutions and Register.com, hosting customers will be offered options for bundled packages of SiteLock’s security services – which include daily website scanning and automatic malware removal along with TrueShield™ web application firewall, which protects websites from malicious traffic and blocks harmful requests.

Read More

ghost vulnerability

The GHOST Vulnerability: What You Need to Know

GHOST vulnerabilityGHOST is now a household name to those even peripherally involved in information security. GHOST is the buffer overflow vulnerability found in certain versions of glibc, the GNU C library, and it’s named after the functions used to reach the exploitable code in the library, gethostbyname() and gethostbyname2().

What has SiteLock done to address the GHOST scourge, and what do SiteLock customers need to know moving forward?

SiteLock patched all TrueShield and TrueSpeed servers against the GHOST vulnerability on September 28, the day after disclosure. Signatures mitigating XML-RPC exploits, which could be used against WordPress installs for example, were implemented beginning the week of February 2nd. And as always, our security team is constantly on the lookout for signs of new GHOST exploitation use.

As a SiteLock customer, we recommend patching all servers using vulnerable versions of glibc, glibc-2.2 to glibc-2.17, to glibc-2.18 or higher.  All major Linux vendors released patches for glibc and they should be applied and servers rebooted as soon as possible.  Also be aware of SUID-root programs on servers which use gethostbyname*().  To find SUID binaries on a system — a sound security practice regardless of GHOST — open a root shell and run the following command.

# find / -user root -perm -4000 -exec ls -ldb {} ; | tee suid.list

For assistance with the GHOST vulnerability call the SiteLock team at 877.563.2791.

 

DDoS: How to Prevent Hackers from Overloading Your Web Server

DDoS AttackWeb security has become one of the hottest topics of the past few years, with cyber attacks originating in many forms. In 2014 alone, we had the Snapchat hack, Heartbleed, Shellshock, SoakSoak and many other attacks (you can learn more about each of them here).

Read More

Page 6 of 7

Powered by WordPress & Theme by Anders Norén