Category: SiteLock News Page 7 of 8

Five Common Website Security Issues

five common website security issues

Websites and web applications are being hacked more than ever these days (especially with the rise of online businesses and B2B SaaS-based platforms). If a hacker gains access to the system, they can compromise financial records, medical records and other personal information such as Social Security Numbers and credit cards.

SiteLock president Neill Feather recently wrote an article on B2BNN, covering 5 security issues that many websites and web applications face, with solutions, including handling payments  (PCI compliance), malware and password enforcement. For the full article, click here.

SiteLock Sponsors WHD.usa 2015

WHD.usa (WorldHostingDay USA) is an upcoming networking event for the hosting and cloud service markets, bringing together local service providers and international IT companies. WHD.usa will be WHD’s first event in the United States, and is taking place on May 19-20, 2015 at the 7Springs Ski & Mountain Resort in Pennsylvania.

Read More

5 Must-Read Cybersecurity Websites

Cyber MondayThere’s no doubt that cybersecurity is on the rise. As the world continues to experience data breaches, more and more of these stories have been filling headlines.

With so much cybersecurity overage, it can be difficult to sort through the noise and identify the most important stories. That said, we’ve put together a list of the top five must-read websites that you should add to your daily reading list:

Read More

SiteLock President Named to Prestigious Online Trust Alliance’s Board

Neill Feather

SiteLock announced today that its president, Neill Feather, has joined the board of the Online Trust Alliance (OTA), a leading non-profit organization dedicated to building online trust.

“SiteLock’s mission aligns perfectly with that of the OTA, so it is a pleasure for me to join its board and forward both our organizations’ goals,” noted Neill Feather, President of SiteLock. “SiteLock and the OTA are strong proponents of educating businesses and, collectively, we hope to share best practices and thwart the rising number of dangerous and malicious cybercriminal efforts.”

Read More

SiteLock and Web.com Group Announce New Partnership

sitelock web.com partnershipSiteLock website security just announced a partnership with Web.com earlier today, who will now offer SiteLock’s suite of website security products to customers who sign up for their hosting plans.

Web.com, including Network Solutions and Register.com, hosting customers will be offered options for bundled packages of SiteLock’s security services – which include daily website scanning and automatic malware removal along with TrueShield™ web application firewall, which protects websites from malicious traffic and blocks harmful requests.

Read More

ghost vulnerability

The GHOST Vulnerability: What You Need to Know

GHOST vulnerabilityGHOST is now a household name to those even peripherally involved in information security. GHOST is the buffer overflow vulnerability found in certain versions of glibc, the GNU C library, and it’s named after the functions used to reach the exploitable code in the library, gethostbyname() and gethostbyname2().

What has SiteLock done to address the GHOST scourge, and what do SiteLock customers need to know moving forward?

SiteLock patched all TrueShield and TrueSpeed servers against the GHOST vulnerability on September 28, the day after disclosure. Signatures mitigating XML-RPC exploits, which could be used against WordPress installs for example, were implemented beginning the week of February 2nd. And as always, our security team is constantly on the lookout for signs of new GHOST exploitation use.

As a SiteLock customer, we recommend patching all servers using vulnerable versions of glibc, glibc-2.2 to glibc-2.17, to glibc-2.18 or higher.  All major Linux vendors released patches for glibc and they should be applied and servers rebooted as soon as possible.  Also be aware of SUID-root programs on servers which use gethostbyname*().  To find SUID binaries on a system — a sound security practice regardless of GHOST — open a root shell and run the following command.

# find / -user root -perm -4000 -exec ls -ldb {} ; | tee suid.list

For assistance with the GHOST vulnerability call the SiteLock team at 877.563.2791.

 

DDoS: How to Prevent Hackers from Overloading Your Web Server

DDoS AttackWeb security has become one of the hottest topics of the past few years, with cyber attacks originating in many forms. In 2014 alone, we had the Snapchat hack, Heartbleed, Shellshock, SoakSoak and many other attacks (you can learn more about each of them here).

Read More

One Out Of Every Two Businesses Victim Of a DDoS Attack

DDoSIf you think that DDoS attacks are just a problem for the big guys, a new study might change your mind. The recently published DDoS Impact Survey found that nearly one in every two companies, regardless of size, were victims of a Distributed Denial of Service attack. The average cost of a DDoS attack ran to around $40,000 for every hour the attack lasted

The authors of the survey spoke to nearly 300 North American companies, ranging in size from 250 employees to more than 10,000. The responses were very troubling:

Read More

Give Us This Day Our Daily Breach

daily breachSeems like hardly a day goes by without a report of yet another data breach. And that’s because a day doesn’t go by without one. There has been an average of one reported data breach every day for the last five years, and 2014 has no intention of bucking the trend.

According to the non-profit Identity Theft Resource Center, there have been 411 reported data breaches in the U.S. in the first six months of this year. That works out to an average of more than two data breaches every day. And those data breaches combined have exposed an estimated 11 million records.

Read More

What Is A Botnet?

Malware can be confusing. Not just because there are millions of different types of malware, because they’re constantly evolving. And it doesn’t help much that researchers have a tendency to give them some crazy names.

The botnet, on the other hand, is relatively easy to understand. Instead of just stopping at infecting thousands or even millions of computers, botnets will continue to control all those computers remotely to perform the bidding of the bot controller or herder. That’s why it’s one of most sinister types of malware that all business owners need to be aware of.

Read More

Page 7 of 8

Powered by WordPress & Theme by Anders Norén