Archive for security

Good reminder to Change Your Passwords “LinkedIn”

While regularly changing your online passwords is always a good thing to do, recent news of leaked LinkedIn passwords are a great reminder why:

http://mashable.com/2012/06/06/6-5-million-linkedin-passwords/ 

WordPress Addresses Vulnerabilities

A new version of WordPress, a popular open-source blog and content management system, was released which addresses three security issues. Few details have been provided however, the issues addressed are a cross-site request forgery (CSRF) vulnerability, a denial of service (DoS) issue and a cross-site scripting (XSS) vulnerability. It is not clear which prior versions of WordPress are vulnerable so we urge all WordPress administrators, particularly those whose implementations of WordPress are public facing, to update to the latest fixed version, 3.1.1.

As WordPress is a Web application it seems timely to note that the IBM X-Force 2010 Trend and Risk Report contains insightful information on web application vulnerabilities and of particular relevance, the likelihood of the occurrence of CSRF and XSS vulnerabilities listed by application technology and business sector in Section IIIDeveloping Secure Software. Additionally, Section I contains information on XSS trends observed though 2010.

http://wordpress.org/news/2011/04/wordpress-3-1-1/

http://blogs.iss.net/archive/2010trendrep.html

INFORMATION PROTECTION WEEK? ASK GOOGLE!

Since Google disclosed in January that Internet hackers stole information from its computers systems, the details of the theft have been closely guarded. This week, nearly four months after the high profile breach, someone with direct connection to the investigation revealed that the cyber theft made off with one of Google’s crown jewels – a password system that controls access for millions of users worldwide and to almost all of the company’s Web services, including e-mail and business applications. If this Internet giant is vulnerable to hackers and cyber criminals, how about you?

 Malicious cyber attacks around the world more than doubled last year and accounted for more of reported data security breaches than human error; a disturbing new trend. Attacks on websites can come from viruses, malware and through Internet and social media.

 That’s why highlighting the importance of using strong passwords, using anti-virus software while keeping it and patches up to date, being careful when sharing personal information, and making sure sites are secure and legitimate are key everyday business practices to follow and share with others.  

A website that focuses on wordpress plug-ins is available so you can research the best security measures for your website. There are many plugins  that are designed to protect your website. Check them out at  WordPress Plugins