As more consumers shift to online shopping this holiday season, they expect their information to be protected every time they make a purchase. With just weeks left until the holiday season kicks off, now is the time to review your current website security strategy. It is important to ensure you’re well equipped to protect your customers’ data when cyber criminals attack.
Page 49 of 63
Hacks are bad. A website compromise is serious, and at SiteLock we see a lot of compromised sites and malicious code. Malicious code is constantly evolving to avoid detection. Adversaries use a large number of strategies to avoid detection, and comedy happens to be one of them.
Since hackers try everything they can think of – pop culture references, internet memes, irony – to disguise malicious code, we’ll dive into the strange and weird to show you how far adversaries will go…
October is Cyber Security Month and it’s a good excuse to assess your web applications and website security before the holiday season.
Few things pose as much risk as an attack aimed at your website. Consider the impact of data breaches to Target, Home Depot and, most recently, Experian and the American Bankers Association. It seems that not a week goes by without a new massive breach making headlines.
While organizations often think of protecting their network, website security is often overlooked, leaving a massive vulnerability open to exploitation. How can you ensure your web applications and website are safe? Use these five tips to make sure your security is where it needs to be:
As SiteLock continues to innovate and push the boundaries of web site protection, we’ve invested in and grown our security research team to provide new capabilities and content for customers and the security community at large.
This week, we will discuss what the SiteLock Research Team is, the team’s mission, and provide an overview of the team’s emerging efforts, as well as where to find and how to interact with the team.
In this week’s post, we take a look at “in-the-wild” phishing attacks and talk about how to counter them. Protecting yourself from phishing and malware attacks is not only important, it’s a fundamental Internet survival skill, made even more essential if you have a web presence you depend on. A compromised workstation could lead to compromised credentials, ultimately leading to complete control of your website by bad actors. We don’t want that.
We’re kicking off a new blog series here at SiteLock, to share some of the insight we gather every day removing malware from websites. This series will be geared toward folks interested in learning more about the web application security landscape. In this space, we’ll cover various topics each week – everything from CMS security to malware, to vulnerabilities and best security practices.
Insights On Malware Campaigns
One of the interesting things about tracking malware campaigns is their changing behavior as the campaigns shift to different targets, employ new tactics to evade detection, and propagate new malware, based on the changing economics of the campaigns.
Below is an example we have seen take shape and evolve over the past few weeks that should give readers an example of how these changes occur and what is going on behind the scenes of a large-scale malware attack campaign.
Last week, the U.S. Department of Justice released a report that revealed some weaknesses in Next Gen Cyber, The Federal Bureau of Investigation’s cyber security program begun in 2012. Next Gen Cyber originally has a budget of $314 million and a total of 1,333 full-time jobs (including 756 agents), while the DOJ also asked for an $86.6 million increase in funding for 2014 to support this Initiative. The FBI had in total 52 open positions of the 134 computer scientists it was authorized to employee under the Initiative.
FCA US LLC, formerly Chrysler Group LLC, announced on Friday that Fiat Chrysler will recall 1.4 million vehicles in US to install software to prevent hackers from gaining remote control of the engine, steering and other systems. According to federal officials, this is the first such action of its kind. This announcement was made several days after cyber security researchers succeeding in using a wireless connection to turn off a Jeep Cherokee’s engine as it drove. The National Highway Traffic Safety Administration also said on Friday that it would investigate whether FCA’s solution to upgrade software was enough to protect consumers from hackers.
Viruses used to be the only website security issue that companies worried about. With cyberthreats increasing in variety, protecting your website is no longer about installing a basic firewall. You also need to consider the necessary add-ons in all the right places to develop a multi-layered security plan.
Add-Ons That Help Website Security
To help you start your own deployment, below are three non-firewall add-ons that you should have in order to develop a comprehensive website security plan.