Are Malicious Bots Visiting Your Website?

Bots are alive, well, and busy on the Internet, making up nearly half of Internet traffic. Bad bots are used by cyber-criminals and cyber attackers to automate harmful exploits and attacks, such as denial of service attacks, crypto-coin mining, data mining, information exfilitration, account hijacking, vulnerability scanning, spamming, and other illegal or illicit activities.

Not all bots are bad.  Some of these site visitors are helpful, such as the automated bots from ...

Continue Reading →
0

Phishing Sites Using HTTPS Too

When you see the secure HTTPS protocol at the beginning of a web address, or see the green “secure site” padlock symbol, does this mean that the site is safe?  Unfortunately, the answer is NO.  There is some confusion among computer users about what HTTPS really means.  This confusion is being exploited by cyber-criminals running phishing exploits.

HTTPS or secure hypertext transport ...

Continue Reading →
0

What the Heck is a Watering Hole Attack?

We’ve all seen this on National Geographic.  A lion, tiger, or other top predator hides near a water hole and waits for some sort of four-legged lunch to stop by for a drink.  Cyber-criminals and other attackers are using a similar technique to download and install malware from niche or industry specific websites to computer systems at targeted businesses.  Here’s how ...

Continue Reading →
0

Huge Worldwide WordPress Brute Force Attack

The rare Tuesday post, but this couldn’t wait.  If you are running a WordPress site, you need to know this.  This was just released by WordFence.

“Early this morning our team was woken up by systems alerts letting us know that we needed to scale up our attack logging capacity. The number of WordPress attacks we were monitoring per hour had ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


ST17-001: Securing the Internet of Things

11/16/2017 04:52 PM EST  Original release date: November 16, 2017

The Internet of Things refers to any object or device that sends and receives data automatically through the Internet. This rapidly expanding set of “things” includes tags (also known as labels or chips that automatically track objects), sensors, and devices that interact with people and share information ...

Continue Reading →
0

Gravityscan Provides Website Malware Scanning for Any Website

Websites are a popular target for cyber-criminals, because they offer a platform for malicious activity.  A hijacked website can be used for hosting malware downloads or phishing landing pages.  Personal information stored in a website database about site users, including user names and passwords and other personal information can be extracted, decrypted, and sold on the Dark Web.

I have devoted many articles to properly securing WordPress websites.  Now there is a ...

Continue Reading →
0

More WordPress Security Issues – Malware Hiding in Popular Plugins

There is more bad news for WordPress website owners and developers.  WordFence has found more instances of popular plug-ins being modified to contain malicious software.  The three most recent discoveries are:

WordFence had reported earlier about another 9 ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


BlueBorne Bluetooth Vulnerabilities

09/12/2017 05:26 PM EDT  Original release date: September 12, 2017

US-CERT is aware of a collection of Bluetooth vulnerabilities, known as BlueBorne, potentially affecting millions of unpatched mobile phones, computers, and Internet of Things (IoT) devices. A remote attacker could exploit several of these vulnerabilities to take control ...

Continue Reading →
0

An Interesting New Twist on WordPress Site Hijacking

This story reads like fiction.  OK, not great fiction, but this story illustrates another way that WordPress websites can be hijacked and used to promote a cyber scam.

WordPress websites are often hijacked so a phisher can host their landing page on a site that does not lead back to them.  And WordPress sites can be interesting targets for other cyber-criminals who export the ...

Continue Reading →
0

Don’t Miss It! I am a featured speaker next Tuesday at Joule Cram Day

NEW!

Joule U . CRAM DAY

Tuesday . September 26 2017

SIX 60 MINUTE CLASSES
Learn something new! Attend one, some or all.

My presentation, Shields Up for WordPress Websites and Blogs is from 2:30 to 3:30.

I know many of the other speakers and this looks like a terrific lineup.  Block out the day and get some valuable information you can ...

Continue Reading →
0
Page 3 of 6 12345...»