A quick Saturday digest of cybersecurity news articles from other sources.This entry was posted in WordPress Security on May 2, 2018 by Mark Maunder
Although there is nothing to worry about, you may want to ...
We have talked about new Office document exploits that don’t require macros to run. Here is a new one with more twists and turns than a mountain road. Trustwave has reported instances of a new attack that starts as a spam or phishing email with a Word document (.DOCX) attachment. Open the Word document and it will call out for another document download, this one in Rich ...
Tomorrow is World Password Day. WPD is observed on the first Thursday of May. So today would be a great day to take your passwords out to Valley Fair or a movie – wait a minute, that’s silly. You only can do that if you have all your password in a spiral notebook.
Password spraying is a new password exploit that is being used effectively against larger networks. It’s become enough of a problem to merit an alert from US-CERT entitled TA18-086A: Brute Force Attacks Conducted by Cyber Actors. Here’s how it works.
Typically, in a traditional brute-force password attack, the password cracking software runs a long list of every possible password against a system. ...
Continue Reading →
Your website has been hijacked. You found out when a client called and said your website was flagged as malicious on Google, in their browser, or by their anti-malware application. After you get over the initial shock, embarrassment, and anger, you wonder what you need to do next. How do you get your website cleaned up and your ...
Over the last couple of weeks we have been taking a deeper dive into website security. If you have been using our articles to improve the security of your website, we are gratified.
Today we are adding some advanced security techniques to your defensive arsenal. Many of these solutions are specific to WordPress websites, but there are some that apply more globally. Some of these ideas may require some outside professional ...
Continue Reading →
If you have been following our series of articles on website security, we have shared information about how and why your website is an attractive target for cyber-criminals and other bad actors. Today we will give you some specific actions to take to secure your WordPress website. This information can be used on other types of websites too, ...
The best way to determine if your web site has built in vulnerabilities that an attacker could exploit is to hack your website yourself. This is not typically a do-it-yourself project, unless you have some decent technical skills. But with a little time and a few free downloadable tools, it could be something you could try, if for ...
Now that you understand why your website may have been hijacked, you want to know if your website has been hijacked. Finding out your website has been hijacked is not necessarily easy. Sometimes site owners think they have been attacked, when it was something innocuous. But discovery of a hijack can happen a number of different ways, and many of them can be embarrassing.
If you own a small business, you have a website. Would you be surprised to learn that your site is a top target of cyber-criminals? Most people believe their business is too small and insignificant to be interesting to attackers, but your website is valuable to them precisely because it is small.
What makes a small business website an attractive ...
Continue Reading →