Top 10 Tips That Guarantee Your WordPress Website Security

Cyber-attacks are becoming more and more common these days. Therefore, it is highly important to ensure your WordPress website security to steer clear of all the online dangers.

WordPress is a well-known and commonly used platform that powers nearly one-third of the world’s websites. Its premium features are available to users at a reasonable price depending on the size and requirements.

According to a recent research finding, more than 70% of all the websites are vulnerable to cyber attacks. The problem lies with the webmasters who fail miserably in protecting their sites regularly.

Besides that, about 8% of WordPress security loopholes are created as a result of a weak password. So, the first thing to make sure is to have a strong password in place to ward off the hacking attempts.

There are several other significant things for achieving WordPress website security. In this article, we discuss the top 10 effective tips to guarantee WordPress website security. Keep reading to gain insights to better protect your site from hacking attempts:

#1 Activate Website Lockdown
The first and foremost thing to do on the list is to activate website lockdown to ensure your WordPress website security. Hackers usually try numerous wrong passwords to break into the system; by setting up a login limit, the website owner can prevent brute-force attempts. In addition, the owner of the website is immediately notified of the unauthorized activity when the number of login attempts exceeds the limit.
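The login limit described above, sketched as log-based detection (an added example, not code from the article or from any WordPress plugin): it counts failed POSTs to /wp-login.php per client IP and records a lockout alert once the limit is reached. The log lines are constructed, and the thresholds and the rule that a 200 response to the POST means a failed login while 302 means success are assumptions about a default WordPress install.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in "combined" access-log format (documentation IP ranges).
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Mar/2024:10:00:01 +0000] "GET /wp-login.php HTTP/1.1" 200 2311 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2024:10:00:09 +0000] "POST /wp-login.php HTTP/1.1" 200 2400 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2024:10:00:20 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
] + [
    # Eight failed logins, two seconds apart, from a single address.
    f'203.0.113.50 - - [12/Mar/2024:10:01:{2 * i:02d} +0000] "POST /wp-login.php HTTP/1.1" 200 2400 "-" "curl/8.0"'
    for i in range(8)
]

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Return (ip, timestamp, method, path, status) or None for unparseable lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    path = m["path"].split("?", 1)[0]          # ignore the query string
    return m["ip"], ts, m["method"], path, int(m["status"])


def detect_lockouts(lines, max_failures=5, window=timedelta(minutes=5),
                    lockout=timedelta(minutes=30), login_path="/wp-login.php"):
    """Replay the log and return one alert per lockout that would have triggered."""
    failures = defaultdict(deque)   # ip -> timestamps of recent failed logins
    active = {}                     # ip -> most recent alert for that ip
    alerts = []                     # what the site owner would be notified about
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, method, path, status = parsed
        if method != "POST" or path != login_path:
            continue
        alert = active.get(ip)
        if alert and ts < alert["locked_until"]:
            alert["blocked"] += 1   # attempt arrived while the IP was locked out
            continue
        if status == 302:           # assumed: redirect means a successful login
            failures[ip].clear()
            continue
        if status != 200:           # assumed: only 200 re-renders the form on failure
            continue
        recent = failures[ip]
        recent.append(ts)
        while recent and ts - recent[0] > window:
            recent.popleft()        # forget failures older than the window
        if len(recent) >= max_failures:
            alert = {"ip": ip, "locked_at": ts, "locked_until": ts + lockout,
                     "failures": len(recent), "blocked": 0}
            active[ip] = alert
            alerts.append(alert)
            recent.clear()
    return alerts


if __name__ == "__main__":
    for a in detect_lockouts(SAMPLE_LOG):
        print(f'{a["ip"]} locked at {a["locked_at"]} after {a["failures"]} failures; '
              f'{a["blocked"]} further attempts blocked')
```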

#2 Use Two-factor Authentication
The two-factor authentication at the login page guarantees WordPress website security. In this approach, a user has to provide two different components at the time of login. It can be a usual password followed by a secret question, a secret code, a set of characters, etc. This definitely helps in attaining a higher level of WordPress security.

#3 Implement Email as Login
Today, many of us know that logging in with an email address helps prevent security threats. It is better to implement email as login instead of the username, as it is easy to crack a username while email IDs are not. The WP Email login plugin works smoothly and doesn’t require any configuration at all.

#4 Rename Your Login URL
The direct URL of your login page is inviting to hackers. It is ideal to replace the login URL and get rid of 99% of direct brute force attacks. This small security measure can successfully restrict an unapproved person from accessing the login web page. Through this approach, WordPress website security can be ensured.

#5 Do Away With The Old Plugins
Sometimes old plugins are used by hackers to gain backdoor entry into your website. If you are not using an old plugin, never leave it hanging; delete it and minimize your WordPress security risks.

#6 Keep Changing Your Passwords
One of the best ways to stay protected is to frequently change your website password. Always stay focused on the strength of your passwords, and remember to use alphanumeric characters combined with special characters. Strong passwords are tough to crack and thereby ensure WordPress security.

#7 Install a firewall
Never miss an opportunity to ensure your WordPress website security both internally and externally. In order to achieve this, you must install a robust firewall to prevent essential security risks. There is a wide variety of firewall solutions available online; choose the one that best fits your need. Our recommendation is Comodo’s award-winning Free Firewall, which will effectively protect your website from viruses, malware, and hackers.

#8 Use SSL to encrypt data
A Secure Sockets Layer (SSL) certificate secures the admin panel efficiently, so implementing it saves big. Data transfers between user browsers and the server are carried out on highly secured lines, so cybercriminals will not be able to hack the connection or steal data. Purchasing and implementing a Secure Sockets Layer certificate from a reputed SSL company is super easy, so do it today.

#9 Secure the wp-admin directory
Any kind of security breach can put the WordPress security into grave danger. In order to stay safe, add a password to your wp-admin directory. This helps in securing the WordPress admin area as well.

#10 Back Up Your Website Regularly
It doesn’t matter how secure your website is; always run your backup on time. When there is an unanticipated security breach, your backup will come in handy, and you can quickly and easily restore your WordPress website. Never miss this golden opportunity and regret it later. This approach also ensures your WordPress website security.

Website Hacked? No Need to Panic

Are you a victim of a hack or malware attack? Experiencing spam, phishing or any other fraudulent online activity? READ ON!

The first step is to check your site for any infections; if you do discover malware, you will need to remove it.

Have you really been hacked?

If you think that your website is hacked, you need to confirm your doubts and verify the status of your website. Sometimes we’re not sure because our website may do something strange, and we may feel that the website is hacked. It’s because we are not able to distinguish between being hacked or spammed.

Your site has been hacked if you are seeing spam appearing in your site header or footer containing ads for pornography, illegal services, drugs or other inappropriate content. Usually, it is injected into your page as dark text on a dark background so it’s not visible to human eyes, but search engines can see it.

Another method to check if your site has been hacked is to do a site:example.com search on Google. Replace “example.com” with your actual website name. If you see pages or content that looks malicious or not familiar to you, then the website is hacked.

Also, your site may be hacked if your visitors are being redirected to a malicious or spammy website. Pay careful attention to these because hackers know you are the site administrator and hide the spammy content from you, but will make it visible to your website visitors.

In addition, your hosting provider may send you a report that your website is behaving strangely and showing signs of spam-related activity. For example, if your host tells you that they are getting spam emails with a link to your website, it means your website is hacked. The hackers are sending spam from somewhere and using your website as a means to redirect people to their own website. They do this because a link to your website will avoid spam filters while including a link to their own website will get caught in spam filters.

No need to panic: cWatch specializes in detecting such dubious code and injections in a website. Its experts will remove the malware from your website in just under 30 minutes in most cases.

Detect website hacks before Google does using a source code scanner.

Website hacks are not visible from a surface perspective. Of the many proactive methods, the first one would be to use a source code scanner like cWatch, which would do a thorough and systematic inspection of all your PHP and other source code to look for malware patterns. If something is detected, you’ll be alerted immediately.

Source code scanners detect hacks by looking for malware signatures that match known malware codes. But when it’s a newer malware, cWatch compares your source code with a known good version of the same code. Thus newer infections, for which detection signatures may not exist, are also detectable.
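The known-good comparison described above can be illustrated with file hashes (an added example, not cWatch's implementation or code from the article): it hashes every file in a clean reference copy and in the live site and reports what was modified, added or removed. The directory layout and file contents are constructed, and treating PHP files under wp-content/uploads as high priority is a heuristic assumed here.

```python
import hashlib
import os
import tempfile


def hash_tree(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            digests[rel] = h.hexdigest()
    return digests


def compare_to_known_good(known_good_root, live_root):
    """Report files that differ between a clean reference copy and the live site."""
    good, live = hash_tree(known_good_root), hash_tree(live_root)
    added = sorted(live.keys() - good.keys())
    return {
        "modified": sorted(p for p in good.keys() & live.keys() if good[p] != live[p]),
        "added": added,
        "missing": sorted(good.keys() - live.keys()),
        # Heuristic (assumption): uploads normally holds media, not PHP.
        "php_in_uploads": [p for p in added
                           if p.startswith("wp-content/uploads/") and p.endswith(".php")],
    }


def write_file(root, rel, body):
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(body)


def demo():
    """Build a constructed clean tree and a tampered copy, then compare them."""
    clean = {
        "wp-includes/version.php": "<?php $wp_version = '0.0-demo';\n",
        "wp-content/themes/demo/footer.php": "<?php wp_footer(); ?>\n",
        "wp-content/themes/demo/functions.php": "<?php // theme setup\n",
    }
    with tempfile.TemporaryDirectory() as base:
        good, live = os.path.join(base, "good"), os.path.join(base, "live")
        for root in (good, live):
            for rel, body in clean.items():
                write_file(root, rel, body)
        # Constructed tampering: one changed theme file and one dropped file.
        write_file(live, "wp-content/themes/demo/footer.php",
                   clean["wp-content/themes/demo/footer.php"]
                   + "<?php /* constructed injected line */ ?>\n")
        write_file(live, "wp-content/uploads/cache.php",
                   "<?php /* constructed dropped file */ ?>\n")
        return compare_to_known_good(good, live)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

The reference copy has to be a fresh download of the same WordPress, theme and plugin versions the site runs; otherwise every file shows up as modified.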

Check for hacks using a remote scanner

Remote scanners look at the “rendered” version of the site, that is, the HTML that the website produces and not the source code. Some malware injected into a website shows itself only to certain users, at certain times, and when some particular criteria are matched. Such infections can be detected by a remote scanner. Use a remote scanner as an additional tool since it helps catch the virus on your website.

Back up your website right now. Here’s why:

Once you know the website is hacked, back up your site immediately. Use FTP or your hosting provider’s backup system to download a copy of your whole website. Do not inform the hosting provider beforehand that your website is hacked; chances are they will just delete the entire site, leaving you with no backup. Sounds strange, but unfortunately that is how it is. Backing up your files and database should be your first priority when you back up the website.

Now call the experts and clean your website. Now upload your website again and all vulnerabilities are taken care of. Get the most secure website safety solution.

INFECTED WORDPRESS THEMES STILL ON WORDPRESS.ORG PART2

Hidden advertising in functions.php and footer.php

Researched by: Goshko Stanislav

If you noticed that your website has been displaying unauthorized text ads anywhere within its pages such as in the header sections or the area where your social icons are located then, unfortunately, your website has been hacked.

These unauthorized ads may show up on any browser or may be specific to just one, such as Google Chrome. Many of these codes may even spread malware, as they are usually hidden in JavaScript and iframe code.

Hidden codes such as these can affect anyone who visits your website and may even install unwanted toolbars, trackers or malware onto their own computer.

If Google notices your website is doing this then it will block and remove your website from its search results!

In our research we found themes that cause your website to do something you didn’t initially want it to do – advertise and redirect end users back to someone else’s website or even worse spread malware.

The below list is just a small sample of the themes we have uncovered that are not at all what they seem to be and are full of hidden codes the developers don’t want you to know about.

Throughout these themes, within the “functions.php” file, we discovered various lines of encoded code. Hackers use this encoding to hide the actual code from users.

For example, we uncovered the following encoded PHP code:

Simply deleting the encoded code may not be enough, considering it may have the ability to recover itself and spread elsewhere.

Therefore, to determine what files have been affected we begin by decoding blocks of the PHP code and then we can begin to have a better understanding of what we are dealing with.

Here it is decoded:

After analyzing these two pieces of code, it was clear that the code included hidden advertising. Making matters worse, the links can redirect your web traffic to sites with worse effects, such as spreading malware.

So we wanted to dig further and see what other files we could find that contain this ‘unauthorized advertising’ code. Our list of infected themes grew:

The encoded PHP code in hxxps://themes.svn.wordpress.org/tulipbud/1.0/footer.php revealed the following:

And after decoding the PHP code we get:

CONCLUSION
WordPress provides many theme choices ranging from free to paid.

Free themes may come with display advertisements while paid themes are less likely to have them, yet either kind is susceptible to being hacked, displaying unwanted advertisements and redirecting your users to other sites.

Our findings show that the developers of this code use a multilayered encryption technique, making it extremely difficult to discover and remediate.

Attempting to delete the code base64_decode may not be enough.

So we recommend starting by:

1. Back up your website before any cleanup action is taken

2. Scan your website to locate the infected files

3. Remove all infected themes + files + plugins

4. Install a default WordPress theme to identify whether the code is still present

This is just a start in your remediation process; it is very likely that there are some malicious files within your website root, wp-content or even among your WordPress files.
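For the scanning step, the sketch below (an added example, not the researchers' tooling) walks a theme directory, flags PHP files that pair eval/base64_decode-style calls with long base64 literals, and decodes nested layers statically without executing anything. The infected file is a constructed fixture; the nested-base64 layering, the 40-character threshold and the function list are assumptions, since the article's own code samples are not reproduced on this page.

```python
import base64
import binascii
import os
import re
import tempfile

# PHP functions commonly chained to hide and then run code.
SUSPICIOUS_CALLS = re.compile(r"\b(eval|assert|base64_decode|gzinflate|str_rot13)\s*\(")
# A quoted run of 40+ base64 characters (the threshold is an assumption).
B64_LITERAL = re.compile(r"""(['"])([A-Za-z0-9+/]{40,}={0,2})\1""")
URL = re.compile(r"""https?://[^\s'"<>]+""")


def peel_layers(literal, max_depth=10):
    """Decode nested base64 layers; returns (innermost_text, layers_removed)."""
    text, depth, candidate = literal, 0, literal
    while candidate is not None and depth < max_depth:
        try:
            raw = base64.b64decode(candidate, validate=True)
        except (binascii.Error, ValueError):
            break                                  # not valid base64: stop here
        text = raw.decode("utf-8", errors="replace")
        depth += 1
        inner = B64_LITERAL.search(text)           # another encoded layer inside?
        candidate = inner.group(2) if inner else None
    return text, depth


def scan_source(source):
    """Return a finding for one PHP source string, or None if nothing is flagged."""
    calls = sorted(set(SUSPICIOUS_CALLS.findall(source)))
    decoded = [peel_layers(m.group(2)) for m in B64_LITERAL.finditer(source)]
    decoded = [(text, depth) for text, depth in decoded if depth > 0]
    if not calls or not decoded:
        return None
    return {
        "calls": calls,
        "layers": max(depth for _text, depth in decoded),
        "urls": sorted({u for text, _d in decoded for u in URL.findall(text)}),
        "decoded": [text for text, _d in decoded],
    }


def scan_tree(root):
    """Scan every .php file under root; map relative path -> finding."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(".php"):
                continue
            full = os.path.join(dirpath, name)
            with open(full, encoding="utf-8", errors="replace") as fh:
                result = scan_source(fh.read())
            if result:
                findings[os.path.relpath(full, root).replace(os.sep, "/")] = result
    return findings


def demo():
    """Constructed fixture: a harmless echo of an ad link under two base64 layers."""
    payload = "echo '<a href=\"http://ads.example.invalid/offer\">cheap deals</a>';"
    layer1 = "eval(base64_decode('%s'));" % base64.b64encode(payload.encode()).decode()
    layer2 = base64.b64encode(layer1.encode()).decode()
    with tempfile.TemporaryDirectory() as theme:
        with open(os.path.join(theme, "index.php"), "w") as fh:
            fh.write("<?php get_header(); get_footer(); ?>\n")
        with open(os.path.join(theme, "functions.php"), "w") as fh:
            fh.write("<?php\neval(base64_decode('%s'));\n" % layer2)
        return scan_tree(theme)


if __name__ == "__main__":
    for path, f in demo().items():
        print(path, f["calls"], "layers:", f["layers"], "urls:", f["urls"])
```

A file that is not flagged is not thereby clean: other encodings, split strings or code loaded from the database are outside what this sketch looks for.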

Having malware removal experts investigate and remove the files is highly recommended to ensure a completely clean website.

If you experience such an infection, please feel free to contact us at cWatch Web for a free consultation that will include a complete website scan as well as removal of any found malware.

WordPress Blog Hacked? Stay Calm!

If your WordPress blog has been hacked, there are chances of you getting frustrated and even going insane. In such scenarios, you will have to employ a pragmatic approach and learn how to be sure that you have definitely been hacked. You will have to understand certain symptoms that lead you to believe that you have been hacked. These symptoms are also known as Indicators of Compromise (IoC).

These are a few key indicators highlighting that you are definitely experiencing a ‘wordpress blog hacked’ situation:

  • Host has disabled your website
  • Website has been flagged for distributing malware
  • You notice behavior that was not authorized
  • Readers complaining that their desktop AV’s are flagging your site
  • You have been contacted that your website is being used for attacking other sites
  • You can visibly see that your site has been hacked when you open it in the browser
  • Website is blacklisted by Bing, Google, etc.

Consider applying these rules after confirming that your WordPress blog has been hacked:

  • You can usually delete anything in the wp-content/plugins/ directory and you will not lose data or break your site. This is because these are plugin files that you can reinstall, and WordPress will automatically detect that you have deleted a plugin and will disable it. Make sure you delete entire directories in wp-content/plugins and not just individual files.
  • You usually only have one theme directory that is used for your site in the wp-content/themes directory. If you know which one this is you will then be able to delete all other theme directories. If you have a “child theme” you could be using two directories in wp-content/themes, even though this is rare.
  • Watch out for old WordPress installations and backups. What sometimes happens is you or a developer will back-up a copy of all your site files into a subdirectory like ‘old/’ that is accessible from the web. This backup is not maintained and even though your main site is secure, a hacker can actually get in there, infect it and then access your main site from the backdoor they planted. So make sure that you do not leave behind old WordPress installations and if you do get hacked, you will have to check those first because there are chances of them being loaded with malware.

The steps below will help you to start working on the post-hack process when you are sure of experiencing a ‘wordpress blog hacked’ situation.

  • Stay calm by taking a step back and composing yourself. This will enable you to effectively take control of the situation and thus allow you to recover your online presence.
  • Take a moment to document what you are experiencing.
  • Scan your website.
  • Scan your local environment.
  • Check with your hosting provider.
  • Watch out for website blacklists.
  • Improve your access controls.
  • Lock things down so that you can minimize any additional changes.
  • Create a backup.
  • Find and remove the hack.
  • Once you are clean, you should update your WordPress installation to the latest software.
  • You need to change the passwords for your site after ensuring that your site is clean, thus successfully recovering your site.

To prevent yourself from experiencing a ‘wordpress blog hacked’ situation, you can install cWatch Web software that has been specifically designed to protect all your web activities, shut down hacking attacks, clean up your site from malware, and prevent malware infections from occurring in the future.

WHAT IS HTTPS AND WHY SWITCHING TO HTTPS

Unless you have been living under a rock, you might have heard people talking about HTTPS while using the internet. So, what exactly is HTTPS and why is it important?

Well, as we store and share vast amounts of private and sensitive data over the internet (especially if you use social media platforms such as Facebook, Twitter, etc.), it makes good sense to take precautionary steps to protect our privacy and browse the web more securely.

You may have noticed the word “HTTP” at the URL of your browser. Other times you will see “HTTPS,” and you wonder what the difference is.

What is HTTPS?

HTTP and HTTPS are internet protocols used by web browsers to transmit and receive data on the internet. HTTP stands for Hypertext Transfer Protocol. The ‘S’ at the end of HTTPS stands for “Secure.” If the sites that you visit do not have the HTTPS label, it means that the data you enter on that site is not secure.

What Does HTTPS Mean?

HTTPS means Hypertext Transfer Protocol Secure, and it is used to establish a secure connection between you and the site that you visit. With HTTPS enabled, communications between your web browser and the web server (which hosts the website that you visit) are encrypted using a security certificate known as an SSL (Secure Sockets Layer) certificate. This encryption of the transmitted data helps prevent hackers from sniffing your private information.

HTTPS (Hypertext Transfer Protocol Secure) is mainly used for securing your transmitted data (information that you enter on a website) across the internet. HTTPS is a combination of HTTP with SSL/TLS (Transport Layer Security) protocol.

HTTP is not a secure internet protocol. So when you communicate across the network by using the HTTP protocol, anyone can eavesdrop on your communication easily.  So if you want to transfer sensitive information across the internet, then it needs to be transported securely, and it should be accessible to authorized users (web servers) only. For these purposes only, HTTPS was created.

HTTPS protocol is mainly used in websites such as:

  • E-commerce Websites
  • Banking Websites
  • Payment Gateway
  • Login Pages
  • Email Apps

How HTTPS Works?

HTTPS or Hypertext Transfer Protocol Secure is a combination of HTTP (Hypertext Transfer Protocol) and a network security protocol (SSL or TLS). HTTP operates at the higher layer of the TCP/IP model. The SSL or TLS protocols operate at the lower sublayer, encrypting the HTTP message during transmission and decrypting it upon arrival.

Some of the major events during an HTTPS connection are given below:

  • The client (your web browser) requests a secure page when you type something in the browser.
  • The web server (which hosts the website that you visit) then sends a public key and its certificate (TLS or SSL).
  • Your web browser verifies the security certificate: it checks whether the certificate is valid, not expired and issued by a trusted party.
  • After that, your web browser creates a symmetric key and sends it to the web server.
  • The web server decrypts that key with the private key.
  • After that, the web server sends the requested page (encrypted with the symmetric key) to your web browser.
  • Finally, your web browser decrypts the received webpage with the symmetric key and displays the result to you.

All the processes mentioned above take only a fraction of a second to complete. Hence, you won’t be able to notice them when you use the internet.

What is The Difference Between HTTP and HTTPS?

HTTP or the Hypertext Transfer Protocol is useful when a user only intends to access information from a given website. But it is not safe for users to transfer their personal information. If users want to send their personal information across the internet, HTTPS or Hypertext Transfer Protocol Secure is the ideal solution.

HTTPS is not unhackable, but it is still a robust way to send personal information across the internet. HTTPS prevents hackers from exploiting software vulnerabilities and brute forcing the users’ access controls, and mitigates DDoS (Distributed Denial of Service) attacks.

Some of the major differences between HTTP and HTTPS are given below:

  • HTTP uses port 80 for communication whereas the HTTPS protocol uses port 443 for communication
  • The websites that use HTTP will have a URL that starts with http:// whereas in the case of websites that use HTTPS, the URL starts with https://
  • As mentioned earlier, HTTP is unsecured whereas HTTPS is secured
  • In the case of HTTP no security certificates are used, but in the case of HTTPS security certificates such as SSL/TLS are used
  • In the case of the HTTP protocol, information is transmitted as plain text, but in the HTTPS protocol data is encrypted

Why Does Google Like HTTPS So Much?

Starting from July 2018, Chrome will mark all websites without HTTPS (Hypertext Transfer Protocol Secure) as “Not secure.” When a user visits a non-HTTPS website, the Chrome browser will showcase a “Not secure” label with a red warning icon in the URL status bar.

Starting with Chrome 70, which is said to be released in October 2018, users who visit an HTTPS website (which doesn’t have SSL certification) will be greeted with a “Not secure” label along with a red warning icon in the URL status bar of the Chrome browser.

Emily Schechter, Google Chrome’s Security Product Manager, announced the upcoming changes to Google Chrome via Google Chrome’s official blog. According to her statement, starting with Google Chrome version 69, which will be released in September 2018, websites that have the HTTPS classification will not have the green “Secure” text and padlock icon that appears in the URL bar of the Chrome browser.

She further states that the decision to remove secure box for HTTPS websites is because Google believes users know that the web is safe. Emily Schechter also added that internet users would recognize dangerous sites and remember not to enter them.

Emily Schechter also posted a graphic image of Chrome version 69 showing the eventual treatment of HTTPS websites in her official post.

Reasons Behind the HTTPS Movement

When you need to use a website for purchase or provide sensitive information like the credit card details, there are two big things to think about. The first is the connection from your computer (web browser) to the company’s computer (web server which hosts that website). Your name and other sensitive information should travel from one to the other; this connection needs to be secure so that cybercriminals cannot access the information en route.

There are two methods to tell if a site is a secure one. The first is the address bar, where you can see HTTP (Hypertext Transfer Protocol); secure websites have an address that starts with HTTPS. You can also look for the padlock icon in the browser. If you see HTTPS and the padlock, the connection is encrypted and secure. But what about the company behind the website? How do you know it’s not a criminal with a secure connection? Well, a new web security system makes this easy: modern web browsers show color and company names in their address bars to help users know that the site is trustworthy.

Websites that do not have HTTPS (Hypertext Transfer Protocol Secure) label will need an SSL certificate to be able to be marked as safe by Chrome. The SSL functions as secure encryption by securing the interaction between the web server and user.

SSL certificates are issued to websites by unbiased companies called Certificate Authorities. These reviewers ensure that the website and the organization behind it are trustworthy and are using a secure connection (i.e., ensuring Website Security). If the site passes the tests, the Certificate Authority issues an EV SSL certificate, and only sites with these certificates display color in the address bar, including the company name along with the address.

If you see green, it means the site is safe; if it is red, you should not access that site. This process of website security checks prevents criminals from obtaining the SSL certificates to display the green (Secure) information on the browser’s address bar. So, when you see a website with green info in the address bar, you can be sure that it is legit.

Switch To HTTPS/SSL or else It Can Damage Your Businesses

If your website is still on HTTP (Hypertext Transfer Protocol), you should switch it to HTTPS/SSL immediately, as most of the online visitors to your site might not stay on your website when they see a warning in their Chrome browser. It is also worth mentioning that Firefox and other web browsers will soon follow the lead of Chrome.

This can be devastating for your business, especially if you run an e-commerce website. Most internet users would not be willing to purchase products or services from your site when there is an ‘insecure’ warning displayed on their web browsers (even if the checkout page is secure).

When you use an SSL Certificate on your website, it means that you are encrypting all information that is being shared on your website. It is a two-way process: SSL will encrypt information when a customer shares his/her information with you, and when you share data with your customer.

What Is A DDoS Attack And How Does It Work?

DDoS Attack Definition

A DDoS Attack is the short form of distributed denial-of-service (DDoS) attack. In DDoS attacks, multiple compromised computers target a website, server or other network resources through a flood of message requests or connection requests or malformed packets.

DDoS attacks lead to a denial of service for users of the targeted system, forcing those targeted systems to slow down or even crash, thereby denying service to genuine users or systems.

DDoS Attack Working Mechanism

Cybercriminals carry out DDoS attacks by gaining unauthorized control of a network of computers. With the help of a specially designed malware, cybercriminals turn those computers, and other systems (such as IoT devices) into a bot (or zombie). A group of such bot systems is known as a botnet. Cybercriminals will remotely control the botnet to carry out the DDoS attacks.

Cybercriminals can direct the devices in the botnet by sending instructions to each bot via a method of remote control. When the botnet targets the IP address of a victim (a website, server or other network resources), each bot will respond by sending repeated connection requests to the target, potentially causing the targeted machine to overflow capacity, resulting in a denial-of-service to normal traffic.

Botnets can be of any size; botnets with tens or hundreds of thousands of compromised machines have become increasingly common, and there are no upper limits to their size. Once a botnet is created, the attacker can use the traffic generated by those compromised devices to attack the targeted website or computer with overwhelming connection requests.

Types of DDoS Attack

Below are some of the common DDoS attacks that attack web servers and web applications:

#HTTP Flood

An HTTP flood is a type of DDoS attack in which a cybercriminal exploits seemingly legitimate GET or POST requests. This type of attack uses less bandwidth than other types of DDoS attacks, but it can force the server (target machine) to use maximum resources.

#UDP Flood

A UDP flood type of attack targets random ports on a computer system or network with UDP (User Datagram Protocol) packets. It involves sending high volumes of UDP packets to the target machine.

#SYN Flood

A SYN flood attack exploits vulnerabilities in the TCP connection sequence (in a server), known as a three-way handshake. The attacker sends repeated SYN requests (TCP connection requests) to the target machine (server).

Usually, the server replies with a SYN-ACK response, and then the client system follows up with an ACK signal to establish the connection. In a SYN flood, the ACK is never sent. This leads to a build-up of incomplete connections, causing the server (target machine) to slow down or even crash.

#Ping of Death

Ping of Death is another type of DDoS attack which manipulates IP protocols by sending malicious pings to the target system. This method depends on the response by target machines. It can significantly increase bandwidth usage, eventually causing the server to slow down or crash.

#Smurf Attack

Smurf Attack is another type of DDoS attack which uses a special kind of malware known as ‘smurf’ to exploit Internet Protocol (IP) and Internet Control Message Protocol (ICMP). In this type of attack, the targeted machines are flooded with spoofed ping messages, rendering the targeted machine unresponsive.

#Application Level Attacks

Application Level Attacks exploit security vulnerabilities in the applications (targeted system’s applications). The ultimate aim of this type of DDoS attack is not to target the entire server, but applications with known vulnerabilities.

#Advanced Persistent DoS (APDoS)

Advanced Persistent DoS (APDoS) is another type of DDoS attack which is aimed at inflicting serious damage on the targeted machines. It uses a variety of attacks such as HTTP flooding, SYN flooding, etc., to attack the targeted devices. This type of DDoS attack can last for several days to weeks, mainly due to the ability of the attacker to change tactics at any moment and to create modifications to evade security defenses.

#Zero-day DDoS Attacks

A zero-day DDoS attack is another type of DDoS attack which is similar to zero-day cyber attacks. This type of attack exploits zero-day vulnerabilities (for which no patch is available) in the targeted systems.

DDoS Attacks: Prevention, Detection, and Mitigation

No matter the type of business you are running, keeping a business application or website up and running is critical to your brand’s reputation and cybercriminals want to target this weakness with DDoS attacks. The unpredictability of DDoS attacks makes it difficult to take precautionary measures, which further incentivizes attackers to take action.

How can you protect your websites and web applications from such a cyber attack and stop DDoS attacks? As mentioned earlier, a DDoS attack will usually begin with a single compromised machine, but rather than exposing itself with a direct attack, it will locate other vulnerable systems and servers all over the world and secretly install the malware on them, creating a botnet.

The best way to prevent some types of DDoS attacks is by blocking unused ports, keeping the software up-to-date, and using modern networking hardware. Precautionary measures cannot avoid other types of DDoS attacks. In such scenarios, the best thing that you can do is to use malware or malicious activity detection software such as the Comodo cWatch to find the DDoS attacks early and prevent them from doing much damage to your business.

Comodo cWatch is one of the leading website security software that is available in the market today. cWatch can detect and remove web security threats (including DDoS attacks) and also enhances the speed of your website. With a powerful cloud-based malware scanning and ‘Default Deny’ approach, Comodo cWatch will go beyond your expectations.

You might have put in so much of your time and effort on your website (and your brand) or web application, so you need to be cautious when it comes to web security. Try cWatch today!

Achieving The Web Applications Security

Web applications play a critical role in half of all breaches that happen around the world. With all this going around for a while now, a meager 10% of companies secure all their critical applications and have the applications reviewed for their security stance before and during production.

Of late, the need arises for the companies to be clear on their web application security agenda. There is a dire need to replace fragmented, manual pen testing with ongoing, automated scanning. By doing so, they can defend their global application infrastructures. And this would also do away with the need for hiring extra consultants, installation of more servers and scanning tools.

What Is Web Application Security?

Web application security refers to the methodology of securing websites and internet services against various security threats that make use of vulnerabilities in an application’s code. The most common victims of web application attacks are content management systems like WordPress, database administration tools like phpMyAdmin, and SaaS applications.

Notable Reasons To Why Cyber-attackers Target Web Applications

Web applications have become the easiest route for cyber-attackers because they offer the least resistance. The reasons below explain why they remain a prime target:

• Web applications, as the term suggests, are continually exposed to the Internet. This makes them relatively easy for external attackers to penetrate using open tools that look for common vulnerabilities such as SQL Injection.
• It is no longer easy to attack the usual targets, such as the network and host operating system layers, which have had their security tightened over time. In addition, operating systems and networks are protected by mitigating controls such as IDS/IPS systems and next-gen firewalls.
• When time is short and the pressure to deliver the product builds, the testing phase may skip a few procedures. Security concerns get overlooked, and vulnerabilities are left exposed as a result.
• Critical vulnerabilities may arise when applications are compiled from hybrid code, a mix of in-house development, outsourced code, and open source, because there is no proper visibility into the mechanisms and components.
• The Web 2.0 technologies that incorporate complex client-side logic such as JavaScript (AJAX) and Adobe Flash present a larger attack surface.

The Comodo cWatch –  A Complete Website Security Software Solution Which Discovers and Continuously Monitors All Your Web Applications

Most of us tend to neglect website protection and security when we build our website. In today’s evolving threat landscape, it is a really bad idea to miss out on the guidelines. So, it is important for you to add security features and to protect your site from online dangers.

Web application security is a significant factor in the success of any web-based business. If the security of your web-based applications is compromised, it will negatively affect the company and its growth. So add the key security features to your website design strategy, and prevent hackers from getting hold of important digital files and images on your website.

Comodo cWatch is a comprehensive website security tool for websites and applications. It features a powerful Web Application Firewall (WAF) provisioned over a Secure Content Delivery Network (CDN). It is backed by a 24/7 Cyber Security Operation Center (CSOC) with certified security experts. It leverages data from over 85 million endpoints to detect and mitigate threats before they occur.

Comodo cWatch also includes malware scanning, detection and removal services to enable organizations to take a proactive approach in protecting their businesses and brand reputation from cyber attacks.

3 Ways To Spot Malicious Websites


Phishing scams have become a serious concern, as hackers use them to steal information by diverting users to malicious websites. Phishing scams use attractive advertisements as bait with offers that are too good to be true; users get tricked into clicking such advertisement links and are directed to the malicious websites.
Driven by curiosity, most of us click on the malicious link or attachment, only to realize later that the mail containing the link or attachment is a scam. The result is that information is given away to the malware author and data is lost, or the visit is used to find security vulnerabilities in the software on the computer so that the malware author can install a virus without our consent.

In this article, we discuss the tell-tale signs of a malicious website and how such sites infect users in the most unexpected ways.

1. ENCRYPTION
The most common trick of all is a fake banking site. Hackers copy the code of the original bank page so that the fake site closely resembles it. When any of us log in to the genuine-looking malicious website, the hacker gains access to all the login information, and our credit is in jeopardy.

We remind you once again never to click on any link or attachment. It is highly recommended to manually type the website address in the address bar; this not only prevents you from entering malicious websites but also saves you from losing sensitive data.

It is also wise to check the address bar of the browser to ensure that you are in the right place. For example, for GOOGLE it should be “www.google.com” and not “www.g00gle.com”.

Banking sites should comply with security policies, so the address should ideally start with “https://” and there should be a visual cue to confirm website security. Most sites start loading encryption a little later, so this is not an instant way to verify whether a website is malicious or not.
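The address-bar check described above can be automated. The following is an added example, not part of the original article: it flags hostnames that collapse to a trusted name after digit-for-letter swaps (the “g00gle” case) and, going slightly beyond the article, names that are one character away from a trusted one. The allowlist and the function names are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the hostnames the user actually means to visit.
TRUSTED_HOSTS = ("www.google.com", "www.example-bank.test")

# Digit-for-letter swaps, as in the article's "g00gle" example.
CONFUSABLES = str.maketrans("0135", "oles")


def skeleton(host):
    """Collapse confusable characters so lookalike names compare equal."""
    return host.lower().translate(CONFUSABLES)


def edit_distance(a, b):
    """Levenshtein distance computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify(url):
    """Return (verdict, closest_trusted_host, notes) for an address-bar URL."""
    parts = urlsplit(url if "://" in url else "//" + url)
    host = (parts.hostname or "").rstrip(".")
    notes = []
    if parts.scheme and parts.scheme != "https":
        notes.append("not https")
    if "xn--" in host or not host.isascii():
        notes.append("internationalized name: compare carefully")
    if host in TRUSTED_HOSTS:
        return "trusted", host, notes
    sk = skeleton(host)
    best = min(TRUSTED_HOSTS, key=lambda good: edit_distance(sk, skeleton(good)))
    distance = edit_distance(sk, skeleton(best))
    if distance == 0:
        return "lookalike", best, notes + ["digit-for-letter swap"]
    if distance == 1:
        return "lookalike", best, notes + ["1 character off"]
    return "unknown", None, notes


if __name__ == "__main__":
    # Constructed sample inputs.
    for sample in ("https://www.google.com", "www.g00gle.com",
                   "http://www.gooogle.com/login", "https://docs.python.org/"):
        print(sample, "->", classify(sample))
```

An “unknown” verdict only means the name is not close to anything on the allowlist; it says nothing about whether the site is safe.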

2. PRESENTATION
As you enter the website, look at the content, layout and overall presentation. Not all websites are cloned well enough to mimic the authenticity of the original ones. Hackers on a low budget who try to bring out a decent-looking website end up with a low-quality presentation, a bad layout, terrible grammar and spelling errors. This is when you should pause and exit the malicious website.

3. CONTENT
Have a closer look at the content and at what the website intends. Check whether the website asks you to take a survey, download a program, or share information in return for a promise of money. Remember, nothing comes for free and no one is interested in giving you money out of goodwill, so you can be sure that the website is attempting an attack.

Sometimes, hackers take free software from the internet, add malicious content to it and post it on generic websites. People who do not know this pick up and download such infected software from a generic site, assuming it to be genuine.

You may also be pushed into downloading software: the site kindles your curiosity with exaggerated claims about a video. If you are desperate to watch the video, you are told to download the “latest update”, which carries the malware. So be wary of such updates and watch videos on genuine video channels like YouTube.

Last but most important of all, most of us get drawn towards the caption “FREE”, e.g. free gift vouchers or a free car. Remember to ignore free deals that are too good to be true, as nothing comes for free.

Stay away from Malware Interference

Keep your software up to date with the latest patch fixes to avoid malware interference.

Disable the software from running automatically.

It is also better to understand how to identify whether an email is genuine or intended to deliver malware.

What Are Cookies


A cookie is a small file that a website places on your computer in order to store information. The entire process is harmless, and can also be helpful because cookies do useful things by saving you from the trouble of logging into a site every time you open and close your browser, storing your shopping cart information between sessions, and several other helpful time savers. The ones that give cookies a bad name actually track users without their knowledge and help advertisers and several other entities build profiles of users. Many people aim at limiting the amount of information that is collected about them, and they do so by limiting the kind of cookies that their browser accepts and retains.

Browser Cookies

Cookies are considered to be a vital browser feature and you will actually find yourself unable to log into websites if you disable cookies. Cookies are tiny pieces of information stored by websites on your computer. They consist only of bits of text and nothing else. The text can be a session ID, user ID, or any other text. For instance, web pages can be configurable – it is possible for a web page to have a Hide link capable of hiding a specific element on the page. This setting can be saved by the page on your computer with a cookie. When the page is loaded in the future, it will be able to analyze the cookie and automatically hide the element. After you clear your cookies, you will be logged out of all websites and these websites will not remember any settings you have changed on them. Cookies are thus very common and you probably have hundreds or even thousands stored in your browser even now.

Cookies are stored and managed by your web browser. You will first find a list of websites storing cookies and then you will be able to view the cookies themselves – despite the fact that it is usually not interesting to look at the content of the cookies – in your browser’s settings. If you use multiple web browsers on your computer, you will notice that each browser has its own set of cookies. The browser cookies can be managed from its settings window. The cookies will also get deleted by each browser’s Clear Private Data tool.

How to Delete Cookies (or) Remove Cookies

You should bear in mind that not all cookies are used for benign purposes. There are cookies also used for tracking your online activity. Ad servers send cookies along with ads in order to identify viewers and track all their online activities. This information is critical for building profiles of us as viewers that can be used for pushing relevant ad content at us whether we really like it or not. Some of these tracking cookies could also tie your online activities to your real-world identity.

Managing cookies is just part of a set of simple actions you can take to safeguard all your information and your privacy. If you don’t want other users of your computer to see your online activities, you can effortlessly clear the history of visited websites that each browser tracks. Explained below are steps that will help delete cookies in a few popular web browsers.

Clearing Cookies in Popular Web Browsers

Google Chrome
• Click the Chrome menu button (three horizontal bars) and select “Settings” from the drop-down menu.
• The Settings screen displays on a new tab. Scroll down to the bottom of the page and then click “Show advanced settings”.
• Click “Content settings” in the Privacy section.
• The Content Settings dialog box displays. Click “All cookies and site data” in the Cookies section.
• The Cookies and site data dialog box shows you how many cookies have been saved for each site that saved cookies on your computer. Each site has buttons representing each of the cookies for the site. To delete a single cookie from a site, click one of the buttons and then click “Remove”.
• To delete all the cookies from that site, click the “X” button to the right.
• To remove all the cookies for all the websites in the list, click “Remove All”.
• When you have completed deleting cookies, click “Done” on the Cookies and site data dialog box and again on the Content settings dialog box.
• If you know you want to delete all cookies and website data, not individually, there is a quick way to do this. On the Settings tab, click “Clear browsing data” under Privacy.
• On the Clear browsing data dialog box, ensure that the “Cookies and other site and plugin data” box is checked. You can also indicate a time frame for which you want to delete the cookies from the drop-down list at the top of the dialog box. You can select from the past day, the past week, the past hour, the last 4 weeks, or the beginning of time. Click “Clear browsing data” once you’re ready to delete all your cookies.

Mozilla Firefox
• Open the main Firefox menu (three horizontal bars) and then click “Options”.
• The Options open on a new tab. Click Privacy in the list of items on the left side of the tab.
• There are two ways to examine the cookies saved on your computer, based on which option is selected in the “Firefox will” dropdown list. Click the “remove individual cookies” link if “Remember History” is selected.
• Click the “Show Cookies” button on the right if “Use Custom Settings for History” is selected in the dropdown list.
• The Cookies dialog box shows a list of all the websites that have put cookies on your computer. Click the arrow next to a site name in order to view a list of the individual cookies placed by that site. To delete just one cookie, select the cookie in the list, and click “Remove Selected”.
• To delete all cookies for a specific website, select the website folder and click “Remove Selected”.
• Click “Remove All” to delete all cookies for all websites in the list.
• When you have completed managing your cookies, click Close to close the Cookies dialog box.
• You are brought back to the Options tab. Just like in Chrome, there is also a quicker way to delete all cookies. Ensure that the Privacy screen is active on the Options tab and click the “clear your recent history” link under History. This option is available only for the “Remember History” option, not when “Use Custom Settings for History” is selected in the “Firefox will” dropdown list.
• If the “Never Remember History” option is selected in the “Firefox will” dropdown list, the “clear all current history” link is available. The Never Remember History option causes Firefox to restart in private browsing mode.
• Clicking either “clear all current history” or “clear your recent history” opens the Clear All History dialog box. Here you can select a Time range to clear.
• Make sure the Cookies box is checked and then, click “Clear Now”.

Internet Explorer
• Click the gear button in the upper-right corner of the browser window and select “Internet options” from the drop-down menu.
• The Internet Options dialog box displays. To view and delete individual cookies, click “Settings” in the Browsing history section.
• The Website Data Settings dialog box displays. Ensure that the Temporary Internet Files tab is active and click “View files”.
• Windows Explorer opens displaying the contents of the INetCache folder. By default, the files are displayed as tiles, but you will have to display the details for the files in order to see the types of files. To display the details for the files, click the down arrow on the “More options” button above the list of files.
• Select “Details” from the pop-up menu.
• Scroll down until you find files labeled as cookies. They should have “cookie” in the Name and Internet Address. You can select one or more cookie files and then delete them either by pressing the Delete key or by right-clicking on them and selecting “Delete”. Hold down the Shift key while you press Delete in order to permanently delete the selected cookie files.
• A confirmation dialog box displays. Click “Yes” if you really want to delete the selected cookie(s).
• After deleting individual cookies, you can close the File Explorer window by clicking the “Close” button in the upper-right corner of the window.
• To delete all your cookies, first close the Website Data Settings dialog box by clicking either “OK” or “Cancel”.
• This brings you back to the Internet Options dialog box. Click “Delete” in the Browsing history section.
• To delete all the cookies and website data, check the “Cookies and website data” checkbox on the Delete Browsing History dialog box. Select any other desired options and click “Delete” to remove the selected items.
• You are brought back to the Internet Options dialog box. Click “OK” to close it.
• A pop-up message gets displayed at the bottom of the IE window telling you that the selected browsing history has been deleted. There is an “X” button on the far right of the pop-up window you can click to close the message.

Should You be Worried About a Forged Cookie

A forged cookie is like a little token that is stored in a browser; however, it has been reverse engineered by the bad guys focusing on tricking a website into thinking it was the original cookie. Wondering whether you should be worried about such a cookie, Jeremiah Grossman, chief of security at SentinelOne, reported to NBC News that “usually this type of forged cookie hack is extremely difficult,” and it would “only be possible after a very deep hack” into a website. Hence, you can place forged cookies low on the list of scary things to worry about on the internet. However, Grossman stated that changing your password on a regular basis should theoretically negate any forged cookies – should they even exist.

cWatch Comes To Your Rescue

A cookie is used for identifying a website user. As mentioned earlier, it is a small piece of text sent to a browser by a website accessed via the browser. It carries information about that visit, such as the website visited, the preferred language and several other settings. This data is stored by the browser and is then used to access the features of the website, or the next time the same site is visited, in order to make the access more personalized. If a website happens to use cookies for authentication, then it could be possible for an attacker to obtain unauthorized access to that site by obtaining the cookie.
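The forged-cookie discussion above and the point about authentication cookies can be made concrete from the server's side. The following is an added example, not code from the article or from cWatch: a session cookie carries an HMAC tag so that a value assembled without the server key is rejected, and a per-user counter (a hypothetical `SESSION_EPOCH`, bumped on password change) makes older cookies stop working. The key, the user name and all function names are assumptions for the illustration.

```python
import base64
import hashlib
import hmac

# Constructed values; a real site loads the key from a secret store.
SERVER_KEY = b"constructed-demo-key-not-for-production"
SESSION_EPOCH = {"alice": 1}   # hypothetical counter, bumped on password change


def b64url(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def unb64url(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_tag(payload):
    return hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()


def issue_cookie(user, now, ttl=3600):
    """Build 'payload.tag' with tag = HMAC-SHA256(SERVER_KEY, payload)."""
    payload = f"{user}|{SESSION_EPOCH[user]}|{int(now) + ttl}".encode()
    return f"{b64url(payload)}.{b64url(make_tag(payload))}"


def verify_cookie(value, now):
    """Return the user name, or None if the cookie is forged, stale or expired."""
    try:
        p64, t64 = value.split(".")
        payload, tag = unb64url(p64), unb64url(t64)
        user, epoch, expires = payload.decode().rsplit("|", 2)
        epoch, expires = int(epoch), int(expires)
    except ValueError:   # bad base64, bad UTF-8 or the wrong number of fields
        return None
    if not hmac.compare_digest(tag, make_tag(payload)):
        return None      # forged or altered: the tag does not match the payload
    if SESSION_EPOCH.get(user) != epoch:
        return None      # issued before the user's last password change
    if now >= expires:
        return None      # past its lifetime
    return user


def change_password(user):
    """Only the session side of a password change is modelled here."""
    SESSION_EPOCH[user] += 1


def set_cookie_header(value, ttl=3600):
    # Secure and HttpOnly keep the value off plain HTTP and away from page scripts.
    return (f"Set-Cookie: session={value}; Max-Age={ttl}; Path=/; "
            "Secure; HttpOnly; SameSite=Lax")


if __name__ == "__main__":
    cookie = issue_cookie("alice", now=1000)
    print(set_cookie_header(cookie))
    print("valid:", verify_cookie(cookie, now=1500))
    change_password("alice")
    print("after password change:", verify_cookie(cookie, now=1500))
```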

Website security and browser security are thus extremely important to protect your identity and sensitive data. For instance, cookies are also used by online shopping carts. As you browse for DVDs on a movie shopping site, you will be able to add them to your shopping cart without logging in. Your shopping cart does not “forget” the DVDs, even as you jump from one page to another page on the shopping site, because they are preserved via browser cookies. It is also possible to use cookies in online advertising, to remember all your interests and then show you relevant ads as you surf the web.

By default a web browser is available with an operating system and it is set up with a default configuration which does not have all secure features enabled in it. Failing to secure your web browser leads to problems brought about by the installation of malware, viruses, worms, spyware etc into a computer and this indeed may cause intruders to take control over your computer. This indeed highlights the need to enable efficient security features in your web browser in order to minimize several computer-related risks.

There is now a simple solution to prevent such web security related issues caused by cookies. The solution here is installing Comodo cWatch, a comprehensive website Security-as-a-Service solution built on unmatched security intelligence and experience that includes a team of GIAC certified security engineers equipped to remediate any threat for you.

cWatch Web working from a security standpoint is available with the following features:

• Web Application Firewall (WAF): This is a powerful, real-time edge protection for websites and web applications providing advanced security, filtering, and intrusion protection.
• Secure Content Delivery Network (CDN): This is a global system of distributed servers that can improve the performance of web applications and websites.
• Security Information and Event Management (SIEM): SIEM provides improved intelligence capable of leveraging current events and data from 100M+ domains and 85M+ endpoints.
• PCI Scanning: This scanning enables service providers and merchants to stay in compliance with Payment Card Industry Data Security Standard (PCI DSS).
• Malware Monitoring and Remediation: Detects malware, provides the methods and tools to remove it and also prevents future malware attacks.
• Cyber Security Operations Center (CSOC): cWatch provides a team of always-on certified cybersecurity professionals offering round-the-clock surveillance and remediation services.

Are Progressive Web Apps The Future?


The list of app types for software developers to choose from seems to keep growing: native apps, web apps, and now progressive web apps are next on the list. In this blog, let’s take a brief look at what each of these apps is, the advantages they offer, and answer the all-important question: are progressive web apps the future? Read on to know more.

Native Apps

Native apps are basically apps which are native to one particular platform, like Windows, Apple, Mac etc. These apps are built or designed with a particular platform or OS in mind and they take advantage of the inbuilt features the OS offers. One of the biggest advantages of native apps is that they load fast and are extremely secure, since the developers often have to go through a lot of security procedures when developing the app. The downside is that the maintenance cost is usually high and different versions have to be created if the developers want the app to be compatible across platforms.

Web Apps

The ease of development is what made web apps popular. They exist on the web and not on the user’s device. This means the app can be developed however the developer wishes without having to play by certain rules. Of course, they are compatible across various platforms. But the huge drawback with web apps is security. Users are often left to take care of this on their own, for example, WordPress users subscribing to Comodo cWatch for the security of their website.

Now Time For Progressive Web Apps?

Progressive Web Apps (PWA) are supposedly a mixture of native apps and web apps. Web apps have never been able to provide the functionality and seamless user interface which native apps offer. Progressive Web Apps (PWA) are being projected as the solution for this. Simply put, a PWA is a web app which can deliver a native-app-like user experience. They don’t entirely depend on internet connectivity and can even work offline. They require minimal development effort and require no installation. So are PWA(s) the future?

Conclusion

If history has taught us anything, it’s this: everything takes some time to appeal to society. And in this case, where software developers have become used to native apps and web apps, it may take longer than usual. Therefore PWA(s) don’t necessarily mean the end of native or web apps. So native app users, don’t panic or despair. And web app users, don’t forget to secure your web apps using a website security tool like Comodo cWatch!

Use Comodo cWatch

Comodo cWatch, which comes equipped with impressive website security features like real-time threat and breach prevention, advanced persistent threat identification, SQL injection and XSS injection prevention, OWASP top 10 protection, along with Content Delivery Network (CDN) and a comprehensive 24/7 cybersecurity operations center, ensures your websites and web apps stay secure against various kinds of web security threats.