Gravityscan Provides Website Malware Scanning for Any Website

Websites are a popular target for cyber-criminals, because they offer a platform for malicious activity.  A hijacked website can be used for hosting malware downloads or phishing landing pages.  Personal information stored in a website database about site users, including user names and passwords and other personal information can be extracted, decrypted, and sold on the Dark Web.

I have devoted many articles to properly securing WordPress websites.  Now there is a ...

Continue Reading →
0

More WordPress Security Issues – Malware Hiding in Popular Plugins

There is more bad news for WordPress website owners and developers.  WordFence has found more instances of popular plug-ins being modified to contain malicious software.  The three most recent discoveries are:

WordFence had reported earlier about another 9 ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


BlueBorne Bluetooth Vulnerabilities

09/12/2017 05:26 PM EDT  Original release date: September 12, 2017

US-CERT is aware of a collection of Bluetooth vulnerabilities, known as BlueBorne, potentially affecting millions of unpatched mobile phones, computers, and Internet of Things (IoT) devices. A remote attacker could exploit several of these vulnerabilities to take control ...

Continue Reading →
0

An Interesting New Twist on WordPress Site Hijacking

This story reads like fiction.  OK, not great fiction, but this story illustrates another way that WordPress websites can be hijacked and used to promote a cyber scam.

WordPress websites are often hijacked so a phisher can host their landing page on a site that does not lead back to them.  And WordPress sites can be interesting targets for other cyber-criminals who export the ...

Continue Reading →
0

Don’t Miss It! I am a featured speaker next Tuesday at Joule Cram Day

NEW!

Joule U . CRAM DAY

Tuesday . September 26 2017

SIX 60 MINUTE CLASSES
Learn something new! Attend one, some or all.

My presentation, Shields Up for WordPress Websites and Blogs is from 2:30 to 3:30.

I know many of the other speakers and this looks like a terrific lineup.  Block out the day and get some valuable information you can ...

Continue Reading →
0

Email Account Hijacking – Part 3 Extending the Exploit

On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker.  Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.

They have already proven that you are susceptible to phishing and other social engineering exploits.  So sending the victim other phishing emails that allow more access ...

Continue Reading →
0

Speaking at 2017 ISSA International Conference

I am honored to be presenting at the 2017 ISSA International Conference, October 9-11 in San Diego, CA. This year’s theme is “Digital Danger Zone.” Please join me for networking, education, and fun.

I will be presenting “Shields Up for WordPress Web Sites and Blogs.”  This presentation covers the threat of website hijacking, what an attacker wants to do with your website, ...

Continue Reading →
0

Backup Options for WordPress Websites

On Wednesday we discussed the importance of backing up your website as part of a larger cybersecurity strategy.  Today we are going to look at feature considerations for you as you decide which backup plugin is right for you.

Personally, I have used both Backup WordPress and Updraft Plus, and I have been satisfied with both of them.  When you search for backup plugins, ...

Continue Reading →
0
Page 1 of 3 123