Two Giants battle over security flaws. School delays opening to protect students’ computers. 2020 Elections Ohio joins two states to monitor security. Religious site builder company has second data breach. Bitcoin Blockchain hijacked.
Website Security Services – Your Business & Your Visitors
Almost every week, I comb through the latest news items on internet security. I started following this news to just keep updated with what’s happening and shared any information I discovered with a few clients and team members. After a month, it became very apparent that most people simply have no clue how bad online hacking has become (including the “internet of things”; i.e. your talking devices for helping around the house, appliances that are WiFi connected and more). That’s when I started these weekly ‘roundup’ articles – to share just a small portion of the hacking news articles that I read on a weekly basis.The sad part is that the people that users depend on the most are the ones who have let them down. Financial institutions, government agencies (local, state and national), hospitals and medical practices (small and large) and education systems (elementary through to university levels) have all been targets of hackers hitting their sites with malware, ransomware, and data-scraping. These are the ones who users ‘assume’ are keeping their data safe. But they seem to be the ones who are not focusing on security until after it’s too late.
If you own a website for your business, you, too, have users who are counting on you to keep their data safe. You need to have security monitoring, fast restore, and repair services should you get hacked and you need someone updating your CMS sites (WordPress, Joomla, Drupal, etc…) regularly. This is the very reason why we offer our Website Maintenance & Support Services. Whether you choose us or someone else, protect your visitors’ data.
Apple fires back at Google report over iPhone security flaws
CNBC covers the battle of the security flaws with tech giants Apple and Google pointing fingers at the other’s downfalls. Meanwhile, it’s their customers who need to be cautiously aware of the security breaches and keep their devices updated with each new discovery.
“Apple responds to a Google report that said malicious websites could exploit Apple security flaws to hack iPhones and steal personal data.
In a sharply worded statement, Apple says the attacks identified by Google were through websites narrowly targeted toward Uighurs, a Muslim ethnic minority in China.
Apple also challenges Google’s framing of the exploits, which were published by Google Project Zero, an elite bug-finding team.”
Article by Kif Leswing
https://www.cnbc.com/2019/09/06/apple-fires-back-at-google-report-over-iphone-security-flaws.html
M-W postpones school opening due to cyber security threat
In light of several New York City government and school hack attacks with ransomware, Monroe-Woodbury opted to delay schools instead of having students on potentially hacked computers. This hacking isn’t affecting adults; they affect anyone with access to a computer that may have been hit.
“Monroe-Woodbury Superintendent Elsie Rodriguez said Wednesday that the district got an alert about a potential problem on Monday night, and that a technology manager – Bhargav Vyas, assistant superintendent for compliance and information systems – found signs of an attempted cyber-intrusion early Tuesday morning after he rebooted the district’s servers. He shut down the servers, and the district alerted the Woodbury police, the FBI and the Department of Homeland Security, Rodriguez said.”
Article by Chris McKenna
https://www.recordonline.com/news/20190904/m-w-postpones-school-opening-due-to-cyber-security-threat
Ohio Secretary of State to ask for $1.7 million to monitor cyber-security threats
Set aside political beliefs and the propaganda put out by both parties. Think about how secure our elections will really be in 2020. With more of our nation’s voting machines being computerized, security is becoming high priority for many states. Ohio is now joining two other states to invest in monitoring cyber security.
“Ohio’s top elections official on Monday will ask a state budgetary panel to allow him to tap just more than $1.7 million in federal funds to monitor county boards of elections for potential cyber-security threats going into the 2020 presidential election.
If approved, Ohio would become just the third state, following Nevada and Florida, to have such devices in all of its counties.”
Article by Jim Provance
https://www.toledoblade.com/local/2019/09/05/Ohio-Secretary-of-State-to-ask-for-1-7-million-to-monitor-cyber-security-threats/stories/20190905148
Report: Church Website Builder Leaves Clergy & Volunteer Data Vulnerable
Website Planet reported that the Clover website builder may have their sensitive information in the hands of hackers after a second breach of their online systems.
“Our security research team at Website Planet has recently uncovered a second incident within the last couple of months for website builder and designer service, Clover Sites, Inc., a subsidiary of Ministry Brands. A cybersecurity expert reached out to them to inform them initially of a data leak, which was subsequently closed. Not long after, our own white-hat hacker discovered yet another data leak, leaving vulnerable tens of thousands of clergymen and congregation members.”
Article by Mark Holden
https://www.websiteplanet.com/blog/cloversites-leak-report/
Flagstaff school district grapples with cyber security attack, keeps campuses closed
After a cyber attack, FSCD closed campuses to take the necessary time (working through the weekend) to upgrade/update the security of their school computer system. It is a shame that it takes an attack for many government, education institutes, and medical organizations to take the necessary actions to secure their users’ data. Unfortunately, this is a consistent theme almost every week as we find the latest news around the USA on cyber security. Proactive steps, monitoring, and staying current is the best plan of action.
“District spokesman Zachary Fountain told the Associated Press that officials discovered powerful malware involving a ransomware attack in the district’s servers during routine operations Wednesday.”
Article by Mike Cruz
https://www.azcentral.com/story/news/local/arizona-breaking/2019/09/06/flagstaff-school-district-grapples-cyber-security-attack-keeps-campuses-closed/2235189001/
TV Anchor Sues Social Media Over Illicit Use of Security Photo
It will be interesting to see how the judge rules on this case. The photo was taken not from her social media site nor a company website, but by a security camera. Not sure what the ruling will be as to whether the sites with user-generated content will be responsible financially for the posts. Definitely a cease and desist would get them removed from the sites, though.
“Fox 29 anchor Karen Hepp says two years ago she learned a photo of her taken by a security camera in a New York convenience store without her consent was being used in online ads for erectile dysfunction products and other websites, according to her federal lawsuit filed in the Eastern District of Pennsylvania on Wednesday.
The photo has been uploaded and hosted on numerous sites, including the photo-sharing site Imgur, which has it tagged as “milf” – a “derogatory slang acronym that refers to a sexually attractive woman with young children,” Hepp says in her complaint.”
Article by Nathan Solis
https://www.courthousenews.com/anchorwoman-sues-social-media-over-illicit-use-of-security-photo/
Warning Issued After Malware Is Found To Have Hijacked Bitcoin Blockchain
Blockchain (cryptocurrency) has been all over the news the past year and will continue into the next five years, I imagine. Just remember, Bitcoin is code. Code looked at with a hacker’s point-of-view is just untampered lines waiting to be used for their benefit. In this case, malware – strong malware that continues after being blocked by your antivirus.
“Bitcoin’s blockchain has been hijacked by a new strain of the Glupteba malware that uses the network to resist attacks, cyber security researchers have warned.
The malware uses the bitcoin blockchain to update, meaning it can continue running even if a device’s antivirus software blocks its connection to servers run by the hackers, security intelligence blog Trend Micro reported this week.”
Article by Billy Bambrough
https://www.forbes.com/sites/billybambrough/2019/09/07/serious-malware-warning-over-bitcoin-blockchain/#8b5eed7c2863
Website Maintenance & Support Services
Don’t think because you’re a small to mid-size business, or a hotel or resort, that you do not have to worry about your website’s security. This is the landscape of the internet. We offer monthly monitoring services that are part of our “WordPress Maintenance & Support Services Program.” There are never any guarantees that you’re safe, but with our services we run daily backups and monthly updates of your website’s core files, plugins, and themes. Should your business website get hacked, we get it repaired and restored within 24 hours of becoming aware of it.
Get started right away, click to order below to get eyes on your website’s security updates.
We can sign you up immediately and schedule a website review. Was your website hacked? Upon sign up, you will receive the benefit of a 24-hour repair and restore. You’ll receive a monthly notice from us when your website and plugins have been updated. You’ll never be guessing if we’re doing our monthly service. Move to our host (cost included in Security Program) and have the benefits of our server’s security monitoring, too.
