In this day and age, windows defender and a spam filter on your email account just isn’t going to cut it anymore. The landscape of cybersecurity breaches and vulnerabilities is constantly changing and to protect ourselves, we must evolve with it. Sure, it’s great that the majority of us are all educated enough to not click on “suspicious” links in an email or text, but what do you do when it happens by accident? You were browsing through your email and when you opened that fishy email, your hand slipped and you clicked into it? In this case, the preventive measures are simply not enough. To minimize the damage caused by a cybersecurity […]
Padding Oracle On Downgraded Legacy Encryption (POODLE) was released with the CVE identifier of CVE-2014-3566. This vulnerability was discovered in SSL 3.0. This is different to the “HeartBleed” vulnerability which was discovered in OpenSSL. SSL protocol 3.0 has a vulnerability in which CBC-modde ciphers allow “man in the middle” attacks through the use of padding-oracle stacks. This targets the ciphers and allows the retrieval of plain-text from what should otherwise be, encrypted information. Impacts of Disabling SSLv3 For the most part, there is no impact for people in disabling SSLv3 due to the fact that the large majority of connections rely on TLS. It is advisable to not only disable SSLv3 on server […]
As of the 25th Of May 2018, All businesses that have any data used to identify an individual MUST be GDPR Compliant. GDPR (The General Data Protection Regulation) is designed to harmonize data and privacy laws across the entirety of Europe and give power to the citizens of the EU to the control of their digital footprint. What Does This Mean For My Business? It’s important to understand that the goal of GDPR is not to punish businesses, but instead to protect every individual’s personal information and make their rights more known. This means that your business must comply with the laws to avoid some of the monstrous fines that follow should the your business fail […]
Cyber security is crucially important in this day and age and should not be taken lightly. With technological advancements being made every single day, you might find it difficult to counter against the countless vulnerabilities and threats that pose a serious risk to your business. In this article we’ll give you a brief run down on things that you can do to stay up to date with the cyber security in your business. Risk Assessment The first step is always assessing the risk of cyber threats to your business as some are more prone to be affected by them than others. Much like a jeweler’s store is more prone to burglary than a […]
Cybersecurity researchers are working around the clock to actively monitor any possible areas of attacks. One of the most common methods that we are using is port scanning of variable strength to see what threat vectors are open to hackers. Should an open port be found, a that should be closed, evidently appears that there are issues on a much bigger scale than the port itself. This is the case with the most recent global scans executed by researchers of cybersecurity over at Rapid7. In one of the reports published in August, A member of Rapid7 detailed the most recent scans of the ports that showed that over 10 MILLION devices with an open […]
One of the most crucial aspects of your new (or old) wordpress sites is security. This article is written to help you understand the fundamentals of WordPress security, we aim to give you knowledge to understand “who” is attacking your wordpress site and how they can potentially succeed and get into it. A really important thing to ask yourself is “Who is attacking my site?” We’ve broken this down into 3 categories that stand out as the most common means of attack. Humans: There is someone sitting at a PC physically looking for exploits and probing it for vulnerabilities. Focuses on attacking one site at a time. Slow but very thorough and usually target […]
There are many different types of hosting out there that sometimes you might just get lost amongst all the different options! But do not fear, VMotion is here! For a startup business, you know well and true that your decision on your hosting solution will be one of the tipping points for the future of your business. But there are many articles out there that are sponsored, or affiliate related that just scream “Buy from us!” that you can’t help but feel like you’re walking into a trap. This article will give you unbiased and informative advice on the best way to meet the hosting needs of your startup business. There are a […]
How To Protect Yourself From WannaCry The ransomware attack is holding computers hostage all over the world. Here’s what you need to know about it to keep yourself as safe as possible. WannaCry attack started on Friday of last week, locking people out of their computers by encrypting their files and demanding them to pay up to 300$ in Bitcoin. To make matters worse the price doubles after 3 days. To receive a decryption key or risk losing your important files forever. What’s worse is that the malware also acts as a worm, which means that it has potential to infect computers and servers on the same network!
In the very short: Yes, update right now. If you want more details read below. What is ShellShock vulnerability? ShellShock is a nickname given to remote exploit vulnerability in bash CVE-2014-6271. It could allow an attacker to gain control over a targeted computer if exploited successfully. All Linux installations running Bash shell are vulnerable to this exploit. It is important to understand that
A vulnerability CVE-2014-0160 which is known as Hearbleed Bug was released on 07 April 2014. The Heartbleed Bug is a serious vulnerability issue in the wildly used OpenSSL cryptographic software library. This issue allows stealing the information protected by SSL/TLS encryption used to secure the internet. This bug allows anyone on the internet to read the memory of the systems protected by vulnerable versions of Open SSL software. Hackers can view the sensitive information such as secret keys and passwords.