Be sure to update your WordPress sites and keep them secure. (and get all the wonderful additional features they add in major version releases). Today version 4.9, nick-named “Tipton” was released. It has a lot of new features, new widgets, a lot of customizer improvements, coding enhancements, and much more, GO READ ABOUT IT if you are interested. It is sitting there on your dashboard, waiting for you to run the update, so take the 5 minutes and go do it. Don’t forget to backup both the files and the database first, so if something on your site for some reason is not compatible, you can restore it to the prior configuration.
GET HELP
If you need any help, Everything I.T.has wonderfully affordable WordPress annual maintenance packages that cover updating and backups, and in some cases restoration from a successful hack. (If someone hacks your site, we’ll put it back for you, a feature of the advanced maintenance package) We can also install SSL on your site for around $75, and we also have a full security configuration as well that covers putting a firewall, setting blocking of known blacklists, and about 30 other deterrent features that are wonderful, and entirely worth the price. CALL TODAY!
So I haven’t posted in a while. And I’m not sure how this type of formatted post will display on Facebook, so it’s kind of test.
Anyway, today I found some information that is kind of different, and I think you will find it very interesting. Today, WordFence (a security plugin authoring company) blogger wrote about a plugin that was taken down from the WordPress repository. It was a plugin called “Animated Weather Widget by weatherfor.us ” and what it did on the website frontend where it was installed, I don’t really know. But it’s what it did in the background/backend that is very interesting. Apparently this plugin ran a script that installed an iframe script that basically turned the whole PC into a crypto currency mining computer, using ALL the resources of any client computer that visited a website that had the plugin installed. Now you should understand that the website owners themselves had no knowledge of this, so you can’t really fault them. Eventually they will discover (hopefully) that the plugin no longer exists (or hopefully they will test their own site) and will remove it from their site, but if you ever go a website, and your computer fan starts running like crazy, then you are going to want to leave that website immediately.
If you want to go read the whole amazing story, you can go here and read it on the WordFence website, but I downloaded the amazing story on video for you : WordPress Plugin Banned for Crypto Mining
Everything I.T. is concerned about your safety on the internet, and we post discoveries like this often on our blog. Please register, please comment, and/or please share.
Most of you have heard about the equifax breach by now. But did you know that Equifax has another website that is an employment income verification site, that has all of most your employment data, employment dates, SALARY INFORMATION, and much more, and shows how it can be accessed, sometimes with a simple email address? This is information that has already been breached, the realistically could allow someone to fake a tax return (the should belong to you)
October is national security month. And you should really read this article, it’s quite alarming, and people need to be aware. https://krebsonsecurity.com/2017/10/equifax-breach-fallout-your-salary-history/ Krebs on Security is a great source of security, and breach information, and is usually very timely in reporting as well. The only good thing is The Work Number site doesn’t seem to work real well, and either crashes, or fails to retrieve what’s there.
Today is being called “Black Monday” in many information security circles. We have had a major Wi-Fi vulnerability announced that affects absolutely every device that supports Wi-Fi. The vulnerability allows attackers to decrypt WPA2 connections. A second vulnerability has also emerged today. This is a bad day for security.
There is a lot of very technical information, which most of you won’t understand, but if you techies want to read the full article, WordFence wrote it much better than I ever could. You can catch that post here: WORDFENCE WPA2 ENCRYPTION CRACKED!
Just to show you how quickly a hacker can now get onto a wifi network, and get passwords, and much, much more, I’ll add the Video here so you don’t have to click to watch the video.
I will follow up this post, as soon as I learn how to secure wifi again. As it is, everyone is using WPA2, it was supposed to be the unbreakable security method. But I’m sure they will tell us quickly how to block these kind of attacks, and I will pass it on to you as soon as I find out myself. (because information should be shared)
Recent Comments