WordCamp MSP spanned three days this year, with the first day dedicated to blocks of 2-hour workshops. This gave the speakers and attendees the opportunity to engage in their topics more deeply and leave with both a great understanding of the topic, and many real-world actionable tasks to put into place immediately.
Page 5 of 62
Did you know a whopping 113 million websites contain a security vulnerability? That’s approximately six percent of all websites globally. A website vulnerability is a weakness in website code that cybercriminals can exploit to gain unauthorized access to a site—and a mere one vulnerability has the power to impact over 1,000 pages on a single website.
Let’s talk about one of the most common types of vulnerabilities on the OWASP Top 10: broken authentication & session management. Simply stated, broken authentication & session management allows a cybercriminal to steal a user’s login data, or forge session data, such as cookies, to gain unauthorized access to websites.
As a website owner, it’s important you understand the ins-and-outs of your website—especially when it comes to your security. This is why the SiteLock Platform Digest was created, a weekly email that provides a high-level security analysis of the health and risks associated with your website. SiteLock reviews and delivers your website scanning results on a weekly basis–ensuring you always have visibility to the security of your site.
At SiteLock, we are passionate and committed to giving back to the communities in which we live and work. In July of 2018, SiteLock teamed up with the Phoenix Rescue Mission for their “Code Red” water drive. With temperatures hitting the triple digits during the summer months in Phoenix, the SiteLock team wanted to provide relief to those without access to shelter or water.
We are proud to announce SiteLock employees donated a whopping 23,537 bottles of water to the Phoenix Rescue Mission. Not only that, but SiteLock matched our employees’ donations, contributing more than 47,000 bottles to the drive!
And there’s more good news! The Phoenix Rescue Mission also had a third-party company match SiteLock’s donation. Together, we donated over 70,000 bottles of water to those in need to cool down and get some relief from the summer heat. Check out some photos of SiteLock’s water drive donation!
About the organization: The Phoenix Rescue Mission is devoted to providing help, hope, healing, and relief to the homeless men, women, and children of Phoenix and its surrounding communities.
Every website owner should take responsibility for ensuring the safety of its visitors, but unfortunately, some websites just aren’t secure. An unsafe website can spread malware, steal your information, send spam, and more. To protect yourself and your personal information, it’s important to know that a website takes your safety seriously – but how can you tell? Look for these four signs that a website is safe:
1. Look for the “S” in HTTPS
If HTTPS sounds familiar, it should – many URLs begin with “https” instead of just “http” to indicate that they are encrypted.This security is provided by an SSL certificate, which protects sensitive information entered into that site as it travels from the site to a server. Without an SSL certificate, that information is exposed and easily accessible by cybercriminals. It’s important to note that HTTPS isn’t the only thing a website can – or should do – to protect its visitors, but it’s a good sign that the website owner cares about your safety. Whether you’re logging in, making a payment, or just entering your email address, check that the URL starts with “https.”
Breaking news last week, the NIST (National Institute of Standards and Technology) Small Business Cybersecurity Act was signed into law. The bill will provide an avenue of resources and guidelines for small businesses to reduce their cybersecurity risks. Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. The conference held many briefings on politics, legislation, and Machine Learning (ML) and Artificial Intelligence (AI) in cybersecurity, as well as the challenge of endpoint security for many IoT devices. A topic of importance came from Kryptowire, a mobile security research firm that found firmware vulnerabilities in as many as 10 million Android devices in the United States that have remote escalation privileges.
Websites can transmit a lot of sensitive information during a typical browsing session. Consider what you share online every day: your email address, mailing address, phone number, credit card info, even your login credentials. That’s a substantial amount of information you don’t want falling into the wrong hands! The secret to keeping your and your visitors’ info safe lies in SSL (Secure Sockets Layer) certificates. Learn what SSL certificates are, which websites need one, and what else you need to do to protect yourself and your visitors.
This year marked the 10th anniversary for WordCamp Montreal, held at the John Molson School of Business, in the heart of the city. SiteLock participated as a Gold sponsor and our own Jamie Schmid was selected to speak about how using staging sites in WordPress can make your web development projects a lot easier.
Test Plugin and Theme Updates Without Breaking Your Live Site!
Here at SiteLock, we often tell site owners about how keeping your site updated is one of the most basic security practices you can and should adopt. Earlier this year we talked about using a staging site for WordPress updates, and how it can help ensure your site updates don’t break your live site. In today’s post, we’re going to cover a few ways to create a staging site so you can make those changes without the terror that comes with pushing the update button and possibly breaking Live!
Making headlines last week, over 170,000 carrier-grade routers belonging to internet service providers were compromised. This caused websites being accessed through these routers to be injected with cryptomining malware. In other news, social media site Reddit suffered a data breach in June due to a circumented 2-factor authentication, allowing cybercriminals to access user data like email addresses, usernames, and passwords.