Ophtek Archives - Page 30 of 57

1.2 Million GoDaddy Users Hit By Managed WordPress Hack

GoDaddy Breach, Hackers, Hacking, Ophtek, Password Security, strong passwordsGoDaddy Breach, hackers, hacking, Ophtek, password security, strong passwordsOphtek, LLC

Dec 2021

Web hosting is an integral part of how the modern internet works, but what happens when a provider finds themselves the victim of a hack?

GoDaddy is one of the most popular web hosting providers in the world with an estimated customer base of over 20 million users. Through GoDaddy it’s possible to use their Managed WordPress service to build and host WordPress websites. And, with around 64 million websites currently being powered by WordPress, it’s clear to see why GoDaddy has focused on this platform. Online popularity, however, will always put you in the targets of hackers. A recent breach of GoDaddy’s Managed WordPress service has demonstrated this by hitting 1.2 million of their customers.

How Did GoDaddy Get Hacked?

GoDaddy’s Managed WordPress environment contains huge amounts of data. Not only is there access to the source code for hosted websites, but customer’s personal data is also stored there e.g. email addresses, login credentials and site security certificates. These are data sources which have the potential to cause widespread digital devastation. Email addresses can be used to power phishing campaigns, login credentials give hackers the ability to hijack websites and manipulating security certificates can result in malware being downloaded to unsuspecting victims. But how exactly did one of the world’s most powerful web hosting providers get hacked?

The attack appears to have started in early September 2021 and stemmed from a password becoming compromised. The password in question allowed a third party to gain unauthorized access to GoDaddy’s Managed WordPress system. From here, the hackers were able to harvest the previously mentioned data. Unfortunately, for GoDaddy’s customers, it appears that the passwords being stored for Secure File Transfer Protocol were not encrypted and were available in plaintext. Naturally, this made it much easier for hackers to harvest even more data more quickly. And, worst of all, the attack was not picked up for over two months.

Preventing Similar Breaches in the Future

After discovering the hack, due to suspicious activity being detected on their servers, GoDaddy have moved swiftly to limit the damage. All affected login credentials have been reset and GoDaddy are currently issuing new site security certificates. However, the nature of this breach is a damning indictment of GoDaddy’s security measures. Passwords should be secure. The best ways to prevent such breaches taking place are:

Strong Passwords: A strong password is one that is judged difficult to guess. The best way to achieve this is by using a mixture of uppercase characters, lowercase characters, numerical characters and symbols. Mixing these different elements together minimizes the odds of a hacker guessing lucky. Additionally, don’t go for obvious password choices such as your name or your date of birth.

Regularly Change Your Passwords: Another sure-fire way to prevent your password being compromised is by changing it regularly. An ever-changing password makes it much harder for hackers to take advantage of leaked login credentials, so make sure your employees are prompted to change their passwords every month.

Don’t Write Your Passwords Down: One of the most common ways for a password to be stolen is by having it written down. This increases the risk of it being stolen compared to a password which you have memorized or stored within a secure password managed app.

For more ways to secure and optimize your business technology, contact your local IT professionals.

What is Zero Trust Security?

access control, Network, Ophtek, Security, Zero Trustaccess control, network, Ophtek, security, Zero TrustOphtek, LLC

Nov 2021

With the digital world awash with malware, viruses and vulnerabilities, it’s hard to avoid security breaches. But does zero trust security have the answer?

Hundreds of thousands of new malware strains are created daily; the chances, therefore, of your organization being targeted are high. Typically, we use measures such as security education to enhance vigilance and tools such as anti-malware software to minimize breaches. But neither of these are 100% secure. In fact, no one security measure can ever be 100%. It’s possible, though, to maximize your security by introducing additional security measures. And this is where zero trust security can make a big difference.

The Lowdown on Zero Trust

When users log on to corporate networks, they are usually assigned a certain level of access control. This allows them to access the parts of the network that are required for them to do their job. So, for example, an employee in the finance department would have access to invoicing systems whereas this would be restricted to those in the marketing department. Such an approach allows you to limit unauthorized access to sensitive data. But the zero trust model takes things a step further.

Zero trust’s guiding ethos is one of “never trust, always verify” and it takes a hardline approach to access privileges. Rather than assuming that a device in a specific location should automatically be granted access to the network in that area, zero trust access demands verification every time resources are accessed. Instead of providing an element of trust, there is zero trust – hence the name of the model. It’s an approach which requires checking both the identity and health of the devices requesting access alongside mutual authentication.

How Can Zero Trust Help?

A significant number of security breaches are down to human error e.g. opening a malicious email attachment. But zero trust work to eliminate (or at the very least, minimize) this human error by bringing access control to the table. External devices, for example, can’t gain access to a secure network by using stolen network credentials – they need to prove that the device in question is authorized and that the user can provide authentication. Not only does this limit unauthorized external access to your network, but it limits the number of internal users who can access data which is unnecessary to their role.

Final Thoughts

Access control has been in place with IT infrastructures for decades, but the hardline model of zero trust access is one that all businesses should be shifting towards. In particular, large businesses with a multitude of different departments and employees are particularly at risk of security breaches. But this is only the case if all employees have access to the same resources. Questioning the integrity of specific devices – and foregoing any assumptions based upon location – is crucial when it comes to protecting your network.

If your organization does not already practice the zero trust model for access, then it’s time to get started. Plan your model by dividing your networks into specific sections and detailing who needs access to each one. You can then start putting additional security in place – such as two factor authentication – to strengthen your network and keep your data as safe as possible.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Millions of Routers and IoT Devices Targeted by BotenaGo

BotenaGo, Cyber Security, Internet Traffic, IoT Attacks, Ophtek, router, Software Security PatchesBotenaGo, Internet Traffic, IoT, Ophtek, patches, router, securityOphtek, LLC

Nov 2021

Routers and Internet of Things (IoT) devices are essential when it comes to modern business. But this has made them a target for the BotenaGo malware.

Wireless technology is in place in almost every business in the world. The presence of routers allows PCs to connect to the internet and enhance their capabilities. IoT devices, meanwhile, bring wireless functionality to business such as wireless access to printers and data storage. Both routers and IoT devices, therefore, present an enticing opportunity to hackers. Compromising just one of these devices grants backdoor access to IT infrastructures. And this is where they can really cause your organization some damage.

BotenaGo is an innovative new strain of malware which has routers and IoT devices in their targets, so it’s crucial that you learn a little more about it.

What is BotenaGo?

The BotenaGo malware is difficult detect, but it appears that it’s hiding in plain sight. BotenaGo is written in Google’s popular Golang programming language, a process which has become steadily popular with hackers. Golang allows programmers to use the same code across different systems, so this saves significant time when coding. Malware, such as BotenaGo, coded in Golang can, therefore, spread across multiple operating systems with the same code.

BotenaGo is programmed to identify 30 different vulnerabilities and this is why so many routers and IoT devices are at risk. The malware starts by scanning the internet for vulnerable devices and then activates the available exploits. BotenaGo’s next step is to create backdoor on the infected devices, this is typically opened on ports 31421 and 19412. This allows the hackers to take control of the device. Further malware and DDoS attacks can then be launched using the victim’s internet connection.

How to Stay Safe

Malware which uses malicious links and attachments is easy to combat as it requires users to action the payload. The techniques used by BotenaGo, however, rely on system vulnerabilities that the average PC user will be unable to identify. Furthermore, current anti-virus software seems unable to detect BotenaGo. But there are ways you can protect yourself:

Install all Patches: Most exploits arise due to coding errors which have failed to fully protect the software. Hackers regularly comb software to discover these exploits and then use them to gain unauthorized access. And, therefore, software manufacturers release regular security patches, these plug any holes in the software and make it more secure. But the end user needs to make sure they are installed. This can be difficult to maintain manually, but Windows allows you to set all updates to automatic to make it easier.

Monitor Your Internet Traffic: BotenaGo is difficult to detect, but it does leave telltale signs as to its presence. A sudden increase in internet traffic, particularly through ports 31421 and 19412, should be a cause for concern. Accordingly, it’s important that your organization arms itself with traffic monitoring software to identify unusual behavior. Any increase in traffic should be investigated immediately and, where possible, access shut off immediately.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Chrome Users Targeted by Malicious Websites

anti malware, Google Chrome, malicious websites, Ophtek, SecurityAnti- malware, Google Chrome, malicious websites, Ophtek, securityOphtek, LLC

Nov 2021

Google’s Chrome browser is one of the most popular choices for accessing the internet, but this popularity makes it an enticing target for hackers.

A substantial number of business activities are conducted online in the 21^st century. Accordingly, most organizations find themselves accessing the internet with a browser almost every minute of the day. But each time we venture online we open ourselves up to numerous security threats. Malicious websites, of course, are a well-known security risk. At the heart of these threats is a determined effort to conceal their malicious payload. And that’s why a malicious website can be difficult to spot.

Chrome has an estimated userbase of 2.65 billion users and, as such, presents the perfect opportunity for hackers to cast their net far and wide.

How Chrome is Targeted

This latest malware attack specifically targets Chrome users who are running the browser on the Windows 10 operating system. Upon visiting an infected website, Chrome’s legitimate ‘advertising service’ delivers an advert which claims that Chrome requires updating. However, the advert contains a malicious link. Clicking this link will take you to a website entitled ‘chromesupdate’ which is designed to look like an official Google site. Unfortunately, it’s far from genuine.

The only thing that you will be able to download from this malicious website is malware. The payload in question is typical of modern malware, its main objective is to harvest sensitive data and steal cryptocurrency. Therefore, any login credentials you enter, while your PC is infected, can be logged and then transmitted to a remote server. Worst of all, the malware also grants remote access to your workstation. This opens you up to further malware downloads and, potentially, harnessing your machine into a DDoS attack.

How to Protect Your Browsing

Chrome is targeted by this latest campaign due to the manipulation of a Windows environment variable which allows Chrome’s advertising service to be exploited. The simplest way to avoid this attack is by using a different browser. But there’s a much bigger picture at play here. A better approach is to use the browser you are most comfortable with but remain vigilant. To do this, make sure you follow these best practices:

Disable Download Privileges: It’s very easy for a busy employee to lose focus for a second and click on a malicious download. But, in the case of this specific threat, an application update should be something that an IT professional handles. To minimize the risk of malicious downloads taking place, disable download privileges for your employees.

Use Anti-Malware Software: Malicious websites can be detected prior to accessing them thanks to the power of anti-malware software. Backed by huge databases, which are regularly updated, anti-malware software can instantly alert users when they try to access websites known to be malicious.

Don’t Be Rushed: The main strategy employed by malicious websites will be to instill a sense of urgency into their call-to-actions. For example, the threat of an imminent infection if a Chrome update is not installed is designed to create urgency. And it’s this urgency which can catch you off guard. So, if you feel that a website is rushing you into making a decision, always make sure you speak to an IT professional before going any further.

For more ways to secure and optimize your business technology, contact your local IT professionals.

5 Quick Ways to Secure Your PC

Cyber Security, Data Security, email security, modem security, Online Security, Ophtek, PC Security, SecurityCyber Security, Data Security, email security, Modem Security, Online Security, Ophtek, PC Security, securityOphtek, LLC

Nov 2021

IT security can be a complex series of procedures and this can be intimidating to many people. Luckily, there are some easy ways to secure your PC.

Installing and configuring a firewall isn’t something that your average PC user will feel comfortable with. After all, how do you know exactly which services you should be allowing/denying access to? Security tasks such as this should be left to the professionals. But there are lots of quick and easy tips you can put in to place to protect your PC. All you need to do is know how to get started securing your PC. And today we’re going to share 5 quick ways to secure your PC.

How to Secure Your PC

If you want to secure your PC with the minimum amount of fuss, then make sure you:

Verify All Downloads: It’s very easy to fall victim to a malicious email or website. These threats appear to be genuine methods of communication in order to encourage you clicking on their malicious payload. These payloads can take the form of malicious downloads disguised as links or ‘helpful’ apps. A quick way to avoid falling victim in these scenarios is to verify the true destination of links by hovering your mouse cursor over them. You can also perform a Google search to verify the legitimacy of any website.

Lock Your Screen: An unattended PC screen leaves you open to not only external threats, but also internal ones. Therefore, whenever you leave your workstation, make sure that you lock your PC screen. This will password protect your desktop and ensure that no one can access it. You can lock your screen instantly by hitting the Windows key and the L key.

Use a VPN: A virtual private network (VPN) may sound like a complicated enterprise to undertake, but it’s relatively simple to install. A VPN can be installed in minutes and will use high level encryption methods to conceal your identity and data online. So, for example, if you are based within Chicago, you can use a VPN to connect to the internet through a connection based in Australia. This masks your identity and maximizes the security of any data you are transmitting.

Do Not Write Your Passwords Down: The single biggest mistake that a PC user can make is to write their passwords down. Sure, it’s difficult to remember every single password, but there are options to overcome this such as using Google’s Password Checkup. These password managers are far superior to writing your password credentials on a Post-It note and keeping it on your desk. Revealing your login credentials publicly should be avoided at all costs.

Only Use USB Devices That You Own: It’s not worth the risk of damaging your PC, so avoid connecting USB devices you aren’t familiar with. In fact, in a workplace, it’s recommended to disable USB access to individual workstations. If USB access is required then this should only be granted to IT professionals.

For more ways to secure and optimize your business technology, contact your local IT professionals.

« Previous 1 … 28 29 30 31 32 … 57 Next »

Tag Archives: Ophtek