Page 57 of 62

Malware

8 Malware Threats To Watch Out For

Malware threatsSo many malware threats, so little time. We’ve rounded up the eight most dangerous malware threats every business needs to be aware of.

1. Banking Trojans

From Citadel to Zeus, banking Trojans have proven to be some of the most potent and profitable malware tools. This malware focuses on stealing bank account logins, which in turn can be used to steal whatever is in those accounts. It is believed that Zeus alone has been used to steal more than $120 million from compromised accounts.

2. Backdoor Trojans

Backdoor Trojans are designed to give hackers the very same access and rights to a computer or network as the administrator in charge of managing them. Which means hackers can do a lot of damage over an extended period – from stealing information and deleting files to changing passwords and modifying security settings.

3. Keyloggers

Keyloggers have once again become a favored tool of cybercrooks. They’re designed to steal anything that’s typed on a keyboard and even on a touch screen. In recent tests, only one of 44 of the most popular antivirus software products in current use was able to detect even the simplest keylogger.

4. Ransomware

Ransomware like Cryptolocker is also on the rise, and researchers claim that the malware has been so successful in making money for its creators that it’s likely to spawn lots of copycats. Ransomware makes money by encrypting all the data on an infected computer and then charging a fee or ransom to release that data back into the custody of its owners. One small cyber gang is believed to have made more than $27 million using Cryptolocker.

5. Exploit Kits

Exploit kits can include Trojan downloaders and droppers and are really the road crew of the malware industry. Their job is not so much to commit the crimes but set them up. Once installed on a victim computer or network, they give the criminals the options of what kind of malware they want to upload. In 2013, the Blackhole Exploit Kit was most commonly used to deliver the Zeus banking Trojan.

6. Bots

Bots are tiny pieces of malware, at least compared to their malware cousins described above. And unlike their cousins, they’re not specifically designed to attack the host computers they infect. Instead, bots take control of the infected computers, sometimes millions of infected computers at a time, to assist in other crimes. Those crimes could be to share or hide stolen information, distribute child pornography, or attack other computers.

7. Drive-by Downloads

Drive-by downloads, like APTs, are not really malware but attacks designed to help malware. They don’t necessarily break into the bank, just cut the hole in the roof for others to climb through.  Vulnerable websites are infected with malware that’s not designed to attack the website itself, but to spread the malware to visitors to that site. Once recent report found that crooks now prefer to spread malware through websites versus email by a ratio of 5-1 because it’s much more effective.

8. Advanced Persistent Threats

Advanced Persistent Threats, or APTs, may not really be a type of malware either but a type of attack that usually involves malware. And usually the most sophisticated kind. APTs have been growing in popularity because they work, and get their name because the attackers will often pick very specific targets and attack them relentlessly over a long period and using some very sophisticated attack tools. Some companies and even individuals targeted by APTs have been attacked as often as thirty times in thirty days.

Constant vigilance and layers of security are your best defense against malware. It’s much more cost-effective to put security in place proactively rather than react after an attack. SiteLock’s website security solutions can find and even automatically remove malware, as well as block malicious traffic from accessing your website in the first place. Call our security experts today at 877.563.6200. We are available 24/7 to help.

 

Don’t Let Your Employees Become The Enemy

top8Of all the threats that could be stalking your business daily, it is most unpleasant to think about the fact that the biggest threat could already be inside your walls, maybe even on your payroll. Unfortunately there’s plenty of evidence to suggest that the biggest source and cause of security incidents is the humble employee.

The good news is that few of these incidents are deliberate attacks or frauds by your most trusted insiders. Instead they tend to be innocent mistakes which could easily be avoided but which are quickly taken advantage of by hackers.

Read More

content delivery network

Increase Website Speed with a CDN

We all want faster websites, no matter which side of the site we’re sitting on. Surfers want faster page loading times because they’re usually impatient and will quickly lose interest if the page appears to take more than a millisecond to load. And as a business owner, you should be concerned with speed too. You don’t want to lose valuable customers just because your website appears to be tranquilized.

Read More

Protecting Customer Data

Customer DataIdentity theft is the number one crime in America, a crime that claims an average of more than a million new victims every 30 days. And many of those victims are as a result of businesses that leak their customer information, usually by accident, and often through their website.

Read More

SiteLock Website Security

Hacked.gif: The Hidden Dangers of Malware in Website Images

For your company’s brand, sometimes image is everything. And how better to establish the your brand’s image than through the images on your website? The images you use on your website and social media accounts have to be chosen carefully.

You need to choose images that support the content you’re publishing and the message you’re promoting. You need to choose images that are appropriate for your audiences because you don’t want to offend anyone. And of course you need to choose images that you have permission to use. Using unlicensed images can cost you thousands of dollars in fines, even if they were put on your website years ago by a third-party web designer.

Read More

POS Malware

Big Brands Defenseless Against POS Malware

2014 could go down as one of the most significant years in the world of cybersecurity, and malware in particular. It wasn’t just the small window that revealed data breaches at Target, Neiman Marcus, Michaels Craft Stores and potentially dozens of other retailers. Nor was it the fact that this explosion in data breaches could all be the work of a seventeen-year-old.

Read More

Was 2013’s Target Security Breach Really Just The Work Of A Teenager?

grounded_for_lifeWhat’s worse than being recognized as the biggest data breach in history? How about finding out that the culprit responsible for a major hit on your brand and reputation that will eventually cost you billions of dollars was a teenager?

That’s exactly the news Target is dealing with, as security researchers suggest that at least one of the hackers behind the malware used to attack Target is barely 17 years old. Yet this teen was apparently able to develop a pretty sophisticated piece of malware, known as BlackPoS, that was used to infiltrate Target’s systems undetected. And in spite of his young age he’s reported to have already earned a reputation for developing lots of advanced malware. It’s not believed that the teenager is personally responsible for the attacks on Target, but instead sold his malware to dozens and possibly even hundreds of hackers and criminal groups. And one of those groups was behind the Target breach.

Read More

SiteLock Website Security

Celebrate Data Privacy Day with SiteLock

dpd_logoWith the Target data breach and its endless repercussions still on most people’s minds, next week’s Data Privacy Day (January 28th) is well-timed to pause and think about data privacy and what it means to your business and customers.

The idea behind Data Privacy Day has been around for a number of years, but began to really catch on in 2009 with the U.S. Congress declared the very first National Data Privacy Day. So every year around this time, privacy and security advocates use this annual event to raise consumer and business awareness about privacy, what it does and should mean to us, and why it’s so important for all of us to recognize.

Read More

POS Malware Hits Target in Data Breach

Data breachIt’s been less than a month since mega retailer Target announced that a little more than 40 million customer debit and credit cards had been stolen by hackers. Not long after that, we saw the first of those cards being sold a few hundred thousand at a time, in a variety of underground hacker forums. Although not that underground, since I was able to register on the most notorious hacker sites and see for myself how easy it was to buy an identity.

Read More

What Your PC Can Teach You About Website Security

Website securityConfused about how to protect your website? It’s actually not that hard (hint: there are great companies that will do it all for you for less than a buck a day). But perhaps the easiest way to get your head around website security is to think of it like a PC. Except this is the most important PC you could ever have, because much if not most of your business probably relies on it.

Think about all the things you need to do to protect your PC, and how easy it is. For example:

  • You protect it from malware by making sure you have good quality antivirus software. You constantly update that software so it can detect the latest threats, and you regularly scan your computer in case anything slipped past.
  • You use a firewall, so that you can deny access to hackers and malware that constantly stalk the internet looking for vulnerable computers like yours.
  • You practice computer hygiene. You’re careful about what websites you visit and what you download, so that you don’t inadvertently infect your computer.
  • You make sure your PC is constantly patched. Most malware infections result from unpatched vulnerabilities, from Windows to Flash, so you want to patch those vulnerabilities before a hacker can exploit them.
  • If other people have access to your PC, you let them know what the rules are, so that they don’t do something that breaches your good security habits.
  • If there’s sensitive information on your PC, you take a variety of precautions to protect it. You use strong passwords that are hard to guess, you change those passwords frequently, and you guard them well. And you encrypt any sensitive information on that PC so that if hackers make it past your first lines of defense, your crown jewels are still safe.
  • And you take a bunch of precautions, from backing up your data to regular maintenance, to make sure that your PC is always available to you.

The principles of protecting your website are not much different. Granted, putting them into practice can be a little more challenging, which is why you have companies like SiteLock to do it automatically and comprehensively.

But back to those principles. If you’re serious about protecting your website, think about it like you would any PC or laptop:

  • Protect it from malware that can infect your website, steal data, and spread to your customers.
  • Protect sensitive data, especially customer and credit card data, with layers of security that should include encryption.
  • Use strong passwords, especially for web access and FTP, that are changed often and protected well.
  • Teach all employees about your website security rules so that whenever they have access to your site, they use it responsibly.
  • And regularly review and update your security so that it can match the latest threats, meets any regulatory requirements (like PCI), and does not end up being blacklisted by search engines.

Protecting your website can be challenging, but we can make it easy. Call SiteLock at 855.378.6200 to learn how to automate website security.

 

Page 57 of 62

Powered by WordPress & Theme by Anders Norén