On last week’s episode, SiteLock experts answered a common question: who is responsible for website security? The answer came as a surprise to some. With nearly half of website owners believing that their hosting provider is in charge of their site’s security, some viewers may be left wondering what exactly their hosting provider is responsible for.
Category: SiteLock Podcast (Page 1 of 3)
Many consider cryptocurrency to be the future of money since it eliminates disclosing personal financial information when purchasing goods and services online. So, what do you need to know? Security Analysts Jessica Ortega and Ramuel Gall highlight information you need to know about cryptocurrency and cryptojacking as you listen in this week.
It’s no secret that websites face a barrage of attacks daily, up to 50 on average. But whose job is it to secure websites against those daily threats? Recent SiteLock survey data shows that nearly half (45%) of website owners believe that their web host is responsible for keeping their website secure. Nothing could be further from the truth.
Hot on the heels of the major cyberattack on Ticketfly comes the news of a breach affecting Ticketmaster UK. Impacting customers who purchased concert tickets in the UK, it was reported that malware was found in the website’s third party customer chat client. The malware flew under the radar for months, accessing credit card and personal information of 40,000 victims between September 2017 and June 2018. Stealthy malware is just one of many topics featured in Q1 2018 edition of the SiteLock Website Security Insider – our hosts cover some of the highlights of the report.
We continue to hear about cyberattacks and data breaches around the world. Last week, the European retailer, Dixons Carphone, admitted to a huge data breach involving 5.9 million credit cards and 1.2 million personal data records. Meanwhile in the United States, net neutrality has officially been repealed. The rules that required internet service providers to offer equal access to all web content are no longer in effect as of June 11, 2018.
Gamers and music lovers alike may want to reset their passwords after reading the latest headlines. Last week, gaming client Steam announced they had found, and fixed, a severe security flaw that left local systems vulnerable for the past 10 years. The vulnerability would have allowed cybercriminals to infect any of its 15 million users with malware. A few days earlier, ticket distribution website Ticketfly fell victim to a cyberattack. The cybercriminal responsible defaced the website and claims to have a file of user and customer information taken from its database.
Making headlines last week, the spam campaign Brain Food has been feeding email recipients a steady diet of junk messages, infecting over 5,000 compromised websites over the last four months. Additionally, the U.S. Federal Bureau of Investigation (FBI) took control of a large cyber-attack aimed at Ukraine in late May 2018. The massive malware campaign infected up to 500,000 routers, many located in small businesses and home offices around the world.
Cybersecurity issues can occur anywhere, even in cardiac devices and pacemakers. The U.S. Food and Drug Administration (FDA) announced an upgrade to the firmware installed on certain vulnerable cardiac devices. The update protects these devices from unauthorized access that could be harmful to patients. Also making headlines last week, Georgia’s governor vetoed a bill that would have criminalized unauthorized computer access. The bill received blowback from the state’s booming cybersecurity industry for claiming vulnerabilities in important computer systems would not be uncovered and disclosed responsibly. As a result, cybercriminals would be able to exploit them with ease.
Decoding Security is celebrating National Small Business week by sharing simple recommendations that small businesses can use to protect themselves from today’s ever evolving cyberthreats. But first, we take a look at what’s trending in the news. Two additional security updates were released by the Drupal security team last month as part of continuing maintenance efforts after the discovery of the initial Drupalgeddon2 vulnerability in March. Drupal is urging its users to implement these updates immediately to avoid possible compromise. Meanwhile, the RSA Security Conference took place in San Francisco last month, drawing thousands of attendees from across the globe. However, the third-party mobile app built for the mega IT security conference was found to have a vulnerability, which could have potentially leaked the first and last names of attendees.
Continuing to deal with the fallout from the Cambridge Analytica data scandal, last week, Facebook founder and CEO Mark Zuckerberg, testified before U.S. Congress admitting he never audited Cambridge Analytica to ensure the Facebook user data collected had been deleted. Also in the news this week, Panera Bread experienced a data breach that exposed millions of customers’ personal data for as long as eight months. Despite being warned by multiple security researchers, Panera did not disclose or address the leak until last week.