Making headlines last week, the spam campaign Brain Food has been feeding email recipients a steady diet of junk messages, infecting over 5,000 compromised websites over the last four months. Additionally, the U.S. Federal Bureau of Investigation (FBI) took control of a large cyber-attack aimed at Ukraine in late May 2018. The massive malware campaign infected up to 500,000 routers, many located in small businesses and home offices around the world.
Tag: web application firewall (WAF) Page 1 of 4
As a startup, your website is critical to your success: it’s the face of your business and likely your primary channel for revenue and lead generation. However, your website and your business are put at risk every day by an unseen threat: cyberattacks.
The average website experiences 59 attacks every day, any of which could result in stolen customer data, blacklisting by search engines, or suspension by your web host. A successful attack on your site could also impact revenue, tarnish your reputation, and degrade customer loyalty. To protect against a possible cyberattack and mitigate the consequences it could have on your business, you’ll need to invest in website security.
SiteLock is expanding the network behind our web application firewall, TrueShield, and our content delivery network, TrueSpeed. To accommodate our growing customer base, we’re adding over 130,000 new unique IP addresses on May 1st, 2017. This will require some customers to make changes to their firewall or web server configuration to ensure our new servers are compatible with your website’s hosting server. If these changes are not made by May 1st, 2017, your site visitors may be restricted from accessing your website.
From malware and vulnerability scans to real-time security updates, the SiteLock WordPress Plugin provides complete website security management without ever having to leave WordPress. In December 2017, the SiteLock WordPress Plugin was updated to v4.0.4. For those of you already using the plugin, you can update your version within your WordPress Dashboard. For newbies, you can download and install the plugin here.
Continuing our #AskSecPro DDoS series where we last discussed Application Layer Attacks, today we’ll focus on some of the most popular protocol-based DDoS attacks we’ve seen hit our customers’ web application firewall, SiteLock TrueShield™, over the years. TrueShield™ is SiteLock’s distributed cloud-based web application firewall (WAF) with the capability of defending against attacks across layers 3, 4, and 7.
In our last #AskSecPro article we discussed the differences between a DoS and a DDoS attack. Now that we understand what a DDoS attack is in concept, let’s learn a little more about the mechanisms involved in these attacks. In Part Two of the DDoS Attacks series we’ll focus on some of the attack vectors utilized by adversaries when launching a denial of service attack.
There are times when a website may want to send a visitor to another page either immediately or after a specified amount of time (usually seconds). As an example, consider an outdated page that you believe your visitors have bookmarked – You don’t want to lose the traffic, so you just automatically redirect them to another page. While less common today, these redirects and forwards do still exist, but if not setup properly, they could pose an outside risk to your online presence.
As a website owner, one of your main goals is to increase website traffic. Ultimately, the more traffic you have, the more revenue your business generates…right? Well, not necessarily. And we can explain why.
Bots represent over 60 percent of all website traffic, meaning there are potentially more Internet bots than humans frequenting your site. There are essentially two types of bots, “good” and “bad.” Good bots carry out jobs, like search engine crawling. Bad bots represent 35 percent of all bot traffic and perform malicious tasks, like DDoS attacks. Not to mention that the more web traffic visiting and requesting information from your site, the slower it renders.
Websites experience 22 cyberattacks per day on average. That’s more than 8,000 attacks per year, per website. You might assume the majority of these attacks are aimed at eCommerce sites because they accept and store credit card information, but actually, the eCommerce sector accounts for only one percent of compromised websites.
Cybersecurity continues to be an evolving challenge for website designers and developers. Everyday, hackers create new malware strains and perform sophisticated attacks that can devastate client websites.
SiteLock is promoting Cybersecurity Awareness Month and as a web designer or developer, it is imperative that you understand your role in the security of your clients’ websites. Many people assume that you are handling every aspect of the site, including its protection. Because of this, you must take action and understand how to provide that security.