Gamers and music lovers alike may want to reset their passwords after reading the latest headlines. Last week, gaming client Steam announced they had found, and fixed, a severe security flaw that left local systems vulnerable for the past 10 years. The vulnerability would have allowed cybercriminals to infect any of its 15 million users with malware. A few days earlier, ticket distribution website Ticketfly fell victim to a cyberattack. The cybercriminal responsible defaced the website and claims to have a file of user and customer information taken from its database.
Tag: best practices
Making headlines last week, the spam campaign Brain Food has been feeding email recipients a steady diet of junk messages, infecting over 5,000 compromised websites over the last four months. Additionally, the U.S. Federal Bureau of Investigation (FBI) took control of a large cyber-attack aimed at Ukraine in late May 2018. The massive malware campaign infected up to 500,000 routers, many located in small businesses and home offices around the world.
Continuing to deal with the fallout from the Cambridge Analytica data scandal, last week, Facebook founder and CEO Mark Zuckerberg, testified before U.S. Congress admitting he never audited Cambridge Analytica to ensure the Facebook user data collected had been deleted. Also in the news this week, Panera Bread experienced a data breach that exposed millions of customers’ personal data for as long as eight months. Despite being warned by multiple security researchers, Panera did not disclose or address the leak until last week.
If you’re reading this article, it’s almost certainly not the first website performance article you’ve browsed. Let’s be honest, practically everyone has an opinion on the matter and you would probably deforest half the Amazon rainforest if you tried to print each article you’ve come across. Since we all want to save the habitat of the endangered Amazonian Wapuu and skip the conjecture, I’d like to share with you my 10 WordPress website performance best practices that provide gains you can actually measure.
In Part One of our #AskSecPro series on WordPress Database Security, we learned about the anatomy of WordPress. Now that we have a firm understanding of the role the WordPress MySQL database plays in a WordPress installation, we can take a look at the various ways an adversary can exploit the mechanisms involved. We’ll also explore some of the ways to defend your database against compromise.
As yet another series of data breaches unfolds, there’s been more focus on PCI compliance than ever before. And for good reason. Apparently the PCI Standards Council, the body that overseas PCI, thinks that too many companies are failing in their obligations.
In just the last two weeks we’ve seen major data breaches announced at firms like JP Morgan Chase, Community Health Systems (4.5 million Social Security Numbers exposed), UPS, Dairy Queen, and more than 1,000 retailers.