Core Integrity Verifications

In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several techniques including whitelists, blacklists, and anomaly checks. In this blog post, we’re going to be focusing on how core integrity checks are a key component of the whitelisting model and how this aids in effectively detecting malware.
Cryptographic Hash Functions and Checksums
When a website compromise happens, attackers add, modify, or delete files from the server.
Continue reading Core Integrity Verifications at Sucuri Blog.

Link: https://blog.sucuri.net/2018/08/core-integrity-verifications.html

Max Age For SSL/TLS Certificates Now Two Years

This post was authored by Jason Wood, founder of Paladin Security, a host on Security Weekly and commentator on Hack Naked News. This post is sponsored by DigiCert. Ah, the easy, old days when you could buy an SSL/TLS certificate that was valid for up to ten years. You set it up and then relaxed […]
The post Max Age For SSL/TLS Certificates Now Two Years appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/nnHnERTbp3o/

Sucuri Enhances Security by Disabling TLS Version 1.0 and 1.1

Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we are fully committed to complying with the PCI Data Security Standards (PCI DSS) requirements. That is why Sucuri disabled support for TLS version 1.0 and 1.1 to our WAF/CDN edge nodes on June 28, 2018.
What Is TLS?
Transport Layer Security (TLS) is a cryptographic protocol used to enhance the security of a communication channel by encrypting the traffic between the parties involved.
Continue reading Sucuri Enhances Security by Disabling TLS Version 1.0 and 1.1 at Sucuri Blog.

Link: http://feedproxy.google.com/~r/sucuri/blog/~3/6UTKg_EsUaY/sucuri-enhances-security-by-disabling-tls-version-1-0-and-1-1.html

Less Than One Month Until Google Chrome Marks HTTP Sites “Not Secure”

This post was authored by Jason Wood, founder of Paladin Security, a host on Security Weekly and commentator on Hack Naked News. This post is sponsored by DigiCert. There are a number of changes coming up to how Google Chrome warns people about the use (or lack of use) of encryption. The most immediate […]
The post Less Than One Month Until Google Chrome Marks HTTP Sites “Not Secure” appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/GFBOIFHEs30/

What is PCI Compliance?

Sucuri aims at keeping the internet safe. That is why we are so keen on informing our customers of potential threats. We have posted many articles regarding ecommerce security breaches that steal credit card information, as well as the risks for ecommerce site owners.
There can be many dangers when purchasing through a website, and with so many cyber threats attacking ecommerce platforms and payment gateways, it’s more important than ever to reassure your customers by implementing and maintaining Payment Card Industry (PCI) Compliance.
Continue reading What is PCI Compliance? at Sucuri Blog.

Link: https://blog.sucuri.net/2018/05/pci-compliance.html

PCI for SMB: Requirement 3 & 4 – Secure Cardholder Data

This is the third post in a series of articles on understanding the Payment Card Industry Data Security Standard – PCI DSS. We want to show how PCI DSS affects small, medium, and large businesses that are going through the compliance process using the PCI SAQs (Self Assessment Questionnaires). In the previous articles we have written about PCI, we covered requirements 1 and 2:

Requirement 1: Build and Maintain a Secure Network – Install and maintain a firewall configuration to protect cardholder data.

Continue reading PCI for SMB: Requirement 3 & 4 – Secure Cardholder Data at Sucuri Blog.

Link: https://blog.sucuri.net/2018/05/pci-for-smb-requirement-3-4-secure-cardholder-data.html

Unwanted Ads via Baidu Links

The malware attack that began as an installation of malicious Injectbody/Injectscr WordPress plugins back in February has evolved since then.
Some of the changes were documented as Updates at the bottom of the original blog post; however, every week we see minor modifications in the way they obfuscate the scripts or the files they inject them into.
Encrypted WordPress JavaScript Files
At this moment, the most common injection targets are core WordPress JavaScript files:
wp-includes/js/jquery/jquery-migrate.min.js
wp-includes/js/jquery/jquery.js
wp-includes/js/wp-embed.min.js
Hackers add the malicious code and then obfuscate the entire file contents along with the original legitimate code so that the only way to clean the files without breaking the site functionality is to replace them with their original clean copies.
Continue reading Unwanted Ads via Baidu Links at Sucuri Blog.

Link: http://feedproxy.google.com/~r/sucuri/blog/~3/nQPyFMoT6gw/unwanted-ads-via-baidu-links.html