Tag Archives: security

Loading
loading..

Top 6 Ransomware Defense Strategies

June 5, 2018
Web Admin
, , ,
No Comments

TOP 6 RANSOMWARE DEFENSE STRATEGIES

  1. Train your Users and Test their Knowledge
    Since ransomware infections often come through links and attachments inside emails, or from a website
    or web application, train your users how to recognize phishing attacks and suspicious links and
    attachments. Training is only part of the story. Admins must also make sure to regularly test their users
    with simulated phishing attacks to ensure that your users have been properly conditioned to resist these
    attacks.
  2. Monitor your Network
    Diligently monitor your network by analyzing your logs, clearing out alerts, and processing potential
    threat feeds. If the infection is detected quickly and the workstation is disabled immediately, you can
    recover the data within 24 hours, and often in as quickly as five minutes. Organizations should constantly
    update the operating system and other software on their systems with the latest patches. Unpatched
    vulnerabilities in operating systems and software are a common entry point for malware.
  3. Maintain Robust Backup and Disaster Recovery
    The ultimate safety net for ransomware defense is a robust data protection and disaster recovery
    solution. Implement a backup strategy that fully supports organizations with multiple types of data, files,
    and systems to protect. Not all solutions are created equal, but enterprise-grade backup and disaster
    recovery solutions preserve a complete version history, which is crucial to being able to recover from any
    attack. 
  4. Commercial Grade Anti-Virus Protection
    The best way to steer clear of viruses and malware is to use an industry-leading anti-virus software
    solution. There are many types out there, and they don’t have to break the bank, but having a superior
    level of defense will go a long way. On your anti-virus software, enable the auto update, auto-protect, and
    personal firewall features to ensure you always have protection in the background that is continually
    updated.
  5. Lock Down Suspicious Email Attachments
    Organizations may also want to install advanced email spam filtering which will block email messages
    with attachments from suspicious sources. Admins can filter executable attachments in emails based on
    the file extensions (e.g., block emails sent with “.EXE” attachments). Admins should also disable macros
    embedded within attachments and re-enable the display to full file extensions which makes it way easier
    to spot suspicious files
  6. Have an Incident Response Plan
    How you’ve prepared will determine how quickly you are able to restore your company’s data and get
    systems functioning again. This starts with a well-designed plan that is understood by the entire team.
    Practice executing the plan to ensure you are able to get systems back online in the expected timeframe.
    The practice will also give your team the confidence to perform flawlessly when the need arises.

We have seen many examples of companies that have been infected by Ransomware and some that have lost all of their data, and a few that have been able to recover.  Those that recovered were lucky enough to have had a unattached backup copy somewhere.  It was a stale backup and 6 months old, but it was something.  A better answer to it would have been to adhered to the 6 defense strategies.

If you are in need of help getting your strategies in line, please give us a call at 702.430.1849.  You can also contact us by clicking here!

people clapping

Malwarebytes Gartner Visionary

February 12, 2018
Web Admin
, , ,
No Comments

Malwarebytes recognized by Gartner as Visionary

Congrats to our Partner and friend Malwarebytes for being recognized by Gartner as a visionary in the world of antivirus and malware protection.  We of course, have known about the vision for many many years and really appreciate the protection that that vision provides our clients.  We work hand and hand on a daily basis to bring the very best of antivirus and malware protection to our client.  Malwarebytes is a major part of our arsenal.

DOWNLOAD OFFICIAL REPORT

 

security image

End Point vs. Cloud Firewall

August 4, 2017
Web Admin
, ,
No Comments

Why Choose a Endpoint Server based Firewall

As users of the WordPress platform for running your web server, you are fully aware that your choice’s are numerous, with some better than others.  This is also the case when trying to decide what type of firewall to protect our assets with.  For the most part, your choices fall into two categories; 1.  Server Based (endpoint) (Wordfence, All In One WP Security&Firewall) 2. Cloud based (Cloud Fare)

Both have some attractive features, but the Covered Data recommendation is that you seriously consider the use of a server based endpoint firewall such as Wordfence.  This version runs directly on your server and is directly protecting your website.  So, whether or not the Bad Guy is attacking the IP address or the domain name, you have protection.  With a cloud based system your attacker doesn’t have to attack the name (http://www.mywebsite.com), but can just attack the actual IP address that this name is assigned to or your server address on the internet.  This is an inherent flaw in the cloud based systems.

There are many other features of the wordfence firewall, such as deep integration with user level permissions, integration with .htaccess files, etc.  The interface is easy, and in its default install does a wonderful job of providing protection of your websites.  The more advanced features can get confusing, but in some cases are a huge benefit.  Using the advanced features is something that you can contact Covered Data about.  We can setup, monitor, and manage that part of the firewall for you at incredibly low monthly rates (no contract).

We have been involved in installing wordpress sites, wordpress firewalls, and recovering websites, for many years and would love to work for you.  Give us a call.

 

Malwarebytes Partnership Announcement

July 28, 2017
Web Admin
, , ,
No Comments

Malwarebytes Partnership Silver Partner logo

 

Covered Data is proud to announce that we are officially partnered with Malwarebytes, the leader in endpoint security protection.  We have used the Malwarebytes software for many years and are ecstatic at the opportunity to work with the experts at Malwarebytes.com in a larger way.  Our engineers and trained sales staff are at your disposable to help you design and implement the Malwarebytes multi-layer approach to security.  With the new release of Malwarebytes Endpoint Protection, you can finally within one install and one management console, cover 7 critical layers to security.
Contact us for a free trial.

[embedyt] https://www.youtube.com/watch?v=x5nNUXjRQro[/embedyt]

For more in depth description of the End Point Protection watch this video.

logo light

Malwarebytes 3.0 Defeats Ransomware

May 12, 2017
Web Admin
, ,
No Comments

Malwarebytes 3.0

We are sure you have heard about the latest Ransomware attacks that hit a record number of computers and servers, across a wide number of industries in Europe.  Rest assured, there were several in the United States as well.  Also, we expect that there will be more across the country, and many that we never hear about.

malwarebytes dark logoAre your PCs and Servers, mobile devices, and critical platforms protected?  It is critical to safety to take the necessary steps to secure your technology environment.  We are advising all of our clients that the first thing they need to do is make sure your computers are running Premium version of Malwarebytes 3.0.  The premium version of Mawarebytes easily defeats the recent attack that has taken over 90 thousand hospitals, hotels, point of sale systems, and more.

It does this by using the latest forensic and modern effective scan engine, software algorithms, and updated signature files on the market.  malwarebytes 3.0 went live with a completely new rewrite that was release to the public 6 months ago.  It uses the latest in computers security and incorporates the best of the best computer security from the ground up.

Contact us for a free trial of Malwarebytes 3.0.  Hands down the best malware protection software on the market. 

attacking bear

Websites Under Attack – Got you covered

April 12, 2017
Web Admin
, , , ,
No Comments

I wanted to take a quick minute and tell you about our night on the web last night.  As web security experts with a long history of protecting, building, and creating wordpress websites, we have seen a quite a bit, but last night was special.  A couple of the sites that we managed and protect came under a sustained attack for a couple of hours.  These attacks had our phones blowing up with alert notifications every couple of minutes for hours.  We are used to it, and really don’t mind that much.  That is because we have over the years, become quite good at protecting our sites, and trust in our partnerships and the system that we have in place.

The graph below show you the number of attacks from last night.

attack capture

24 Hour Attack

We would love to tell you that it was the Russians, and indeed that has been the case in the past.  This time however, the attacker was from an IP adddress in the United States.   The main site causing all the noise last night was from a US based IP address of :

162.211.152.3United StatesUnited States2,157

Our security systems allow us to block most of the traffic geographically.  So, if you don’t have customer in the United states why expose your site to the rest of the world.  That is one theory anyhow, and you have to make a decision for your company, your security policy, affects on search engines finding you, etc.  In this clients situation the only country that is open is the United States.  However, country blocking wasn’t enough in this past attack.

You have to realize that in today’s world, the IP address in the U.S., might be compromised and actually be a device controlled by rogue hackers from another country.   It is critical that you have a rock solid firewall implementation that is dynamically based on live intrusion attempts across the world.  That you also protect yourself and ensure that your website is up to date constantly, and have some ability to recover if you find your site compromised and are monitoring alerts as things are happening.  Remember, the internet doesn’t sleep.

Our system can help you sleep at night and ensure your sites are always available.  Contact us for a free consultation.  Heck, we will even update your site for  you free of charge.

CD

 

under attack image

WordPress – Covered Data repel attacks

January 17, 2017
Web Admin
, ,
No Comments

Covered Data recently came under attack from sources across the internet and we wanted to share our experience.

The concentrated and focused attacked started on January 11th 2017 at 9:21:46 pm local time. The attack and search for vulnerabilities continued for just about 2 hours, ending shortly after 11:07:33 pm local.

Covered Data partners with the best web application firewall (WAF) known in the industry and our partner software is currently protecting millions of WordPress websites world wide.

To help address the wider concerns about internet attacks we are offering a free update service and vulnerability assessment to anyone.  We will update your site for free and provide recommendations for any further issues we might find that need to be addressed.  For those not based on WordPress, we will address your vulnerabilities and provide assistance in updating your software and make recommendation that should help you repel future attacks.  For those based on a WordPress infrastructure, we will update core files and plugins and share solutions that have protected our sites.

Are you protected?

We have included screen shots of the alerts we received during our attack.  We do this to collaborate and share our experience.  Our ultimate goal is protecting as many sites as we can.  If your organization is using a WordPress, contact us about this free service. This free update service will go a long way to your site being protected and you being able to sleep again.

Contact us.  We will help.

Sincerely,

Scott A. Barbour, CEO

The below information is a snapshot of a much longer attempt by the attackers to penetrate our sites.

We successfully repelled 100% of the attacks thanks.

attack 1 attack 2 attack 4 attack 5 attack 6 attack 7

 

 

cd alert picture

Username Harvesting WP 4.7

December 12, 2016
Web Admin
, , ,
No Comments

We received a security alert this morning from our Web Application Firewall provider that addresses a vulnerability in WordPress that if exploited about will reveal the username and admin usernames on the system.

SUMMARY:

With the release of WordPress 4.7 a vulnerability now exists that all users should take immediate action to remediate.  While the update to 4.7 is a good thing and fixes several existing security issue, it also adds the REST API functionality to WordPress.  Again, this is a good thing, but does create a hackers ability to do the following:

http://example.com/wp-json/wp/v2/users

This will list all users that have published a post. It includes that user’s userid, username, gravatar hash and website URL.  This functionality either needs to be turned off completely or it is our recommendation, configure the firewall to prevent anonymous access and maintain the desired functionality of a the REST API.  Obviously this isn’t information that you want a hacker to have access to as it is half the battle with gaining unauthorized access.

REMEDIAL ACTIONS:

Our security team is recommending that all users upgraded to 4.7 and have our premium version of our WAF installed and configured immediately.  This will prevent hackers from using this functionality and gaining unauthorized access to your systems.

TO BE CLEAR:  All WordPress websites that are updated to the current version are vulnerable to this attack unless steps are taken.  Please contact us for a solution that will protect your site and increase your overall security profile.

Scott Barbour – Covered Data Founder/CEO

Layout mode
Predefined Skins
Patterns Background
Images Background