Posts Tagged security

872 results.

Thousands of shop, bank, and government websites shut down by EV revocation

Jul13
by Ike on July 13, 2020 at 3:00 pm
Posted In: security

More than two thousand sites using Extended Validation certificates stopped working this weekend and remain inaccessible today (Monday), including those run by banks, governments, and online shops. The EV certificates used by these sites were revoked on Saturday, and have yet to be replaced. Most visitors using modern web browsers are completely locked out: this certificate error cannot be bypassed in Chrome, Firefox, Safari, or Microsoft Edge.

Chrome's unbypassable revoked certificate interstitial on online.anz.com

Chrome’s unbypassable revoked certificate interstitial on online.anz.com. ANZ is one of the"big four" Australian banks.

Last week, DigiCert disclosed a reporting discrepancy in its audit for EV certificates. As part of its response, DigiCert committed to revoking the certificates, which it intends to complete over the coming weeks. Only a subset of DigiCert’s EV certificates are affected: in the July SSL Server Survey, Netcraft found 17,200 EV certificates in active use on port 443 that are due to be revoked.

The first batch of revocations happened this weekend. While most of the certificates revoked on Saturday 11th July have been correctly replaced and reinstalled, many have not.

On Monday morning, Netcraft found 3,800 sites still using EV certificates issued by the affected sub-CAs. Of these 3,800, more than 2,300 were still using a revoked EV certificate, completely disabling the sites for users in modern browsers, which handle EV revocation more robustly than other types of certificate. The remainder are yet to be revoked.

Many organisations appear to have been caught unawares, continuing to use revoked EV certificates, including The State Bank of India, Rackspace, Authorize.net, ANZ Bank, and Telegram.

Authorize.net using a revoked EV certificate

Authorize.net using a revoked EV certificate

The New Zealand government using a revoked EV certificate

The New Zealand government using a revoked EV certificate

Wirecard, the beleaguered German payment processor, briefly had its main site, www.wirecard.com, displaying a certificate warning early on Monday, but the certificate has since been replaced with a working non-EV certificate. There are still a number of Wirecard domains with revoked certificate warnings.

└ Tags:
 Comment 

Protect against Shopping Site Skimmers and Fake Shops with the Netcraft Extension

Jul12
by Ike on July 12, 2020 at 6:00 am
Posted In: Netcraft Services, security

The current coronavirus pandemic has resulted in the closure of many pubs, restaurants, and brick-and-mortar retail stores. Many purchases that would previously have been made in person now take place online. In research commissioned by Visa
, 89% of Britons have shopped online since the UK’s lockdown restrictions began, with 31% buying items online for the first time during this period. This increase in online shopping activity benefits criminal groups in that: smaller businesses newly reliant on online transactions provide attackers with a stream of inadequately-defended shopping sites to exploit, and buyers are far more likely to be driven to these compromised shops or to fake shops compared to before the pandemic.

JavaScript skimmers run on compromised shopping sites. When shoppers enter their payment details, the skimmer secretly sends a copy to the attacker – potentially even if the customer does not complete the transaction. Even the most careful of users can be victims of these attacks, as they appear on compromised but otherwise well-intentioned shops with no visual indication of their presence.

Fake shops are another threat. Shoppers seeking bargains may unknowingly find themselves on a fake shop which claims to offers the products they want at a highly discounted price, but the victim will subsequently only receive counterfeit goods, no goods at all, or have the transaction aborted after entering credentials which is equivalent to a phishing attack.

Fake shops also take advantage of the pandemic by offering goods in high demand due to coronavirus, such as N95 masks. The FBI has released a Public Service Announcement about an increase in online shopping scams involving the sale of counterfeit healthcare products such as Personal Protective Equipment (PPE). To date, Netcraft has blocked over a thousand such coronavirus-themed fake shops, 80,000 other fake shops selling all sorts of counterfeit goods, and around 3,500 compromised shops hosting JavaScript skimmers.

The Netcraft browser extension and mobile apps provide protection against fake shops as well as legitimate shopping sites that have been compromised with JavaScript skimmers. When an extension or app user visits one of these dangerous shops, Netcraft will block access to the shop and alert them:

Visiting a fake shop without the Netcraft extension

Visiting a fake shop without the Netcraft extension

Visiting a fake shop with the Netcraft extension

Visiting a fake shop with the Netcraft extension

└ Tags: ,
 Comment 

Fake shops are making a killing from counterfeit trainers

Jun29
by Ike on June 29, 2020 at 2:13 pm
Posted In: Around the Net, Netcraft Services, security

Online shopping has surged since lockdown started in March. Many of us, looking to be healthier, have headed online for sports equipment and a number of sportswear retailers have reported booming online sales. John Lewis recorded a 72% increase in total sports shoe sales, while Adidas and Puma have both seen an increase in ecommerce revenue.

Shoppers browsing online for the best deals, however, need to take care, as many people would be surprised at the scale of fake shops. Each day we find new fake shops designed to entice shoppers away from bona fide outlets, as many brands have yet to find effective countermeasures.

Counterfeit shoes, clothing and other accessories are estimated to lose the industry more than €26 billion each year in the EU alone, while the loss due to all online counterfeiting is estimated at $323 billion a year. The OECD estimated that over 3% of all imports worldwide are counterfeit.

Traditionally fake shops claim to sell luxury consumer goods at highly discounted prices. We have seen fake shops using at least three different models:

  1. Payment is accepted, but no goods are delivered.
  2. At the end of the checkout process, an error message is displayed such as “Out of Stock” and no transaction occurs. This is equivalent to a phishing attack, as the fake shop has the consumer’s credentials.
  3. Payment is accepted, and goods are delivered. The quality of goods varies between junk and identical to the bona fide item.

Trainers are the most counterfeited goods

We are currently block around 75,000 fake shops in our extension and apps. Of these, roughly half target a specific brand, such as Nike or Adidas. About 70% of the fake shops selling branded goods sell shoes, predominantly trainers.

Corroborating this, European customs authorities handle more cases of counterfeit sports shoes than any other type of product.

Breakdown of fake shop industries

Fake shops by type of goods sold

└ Tags: , ,
 Comment 

WordPress 5.4.2 Security and Maintenance Release

Jun10
by Ike on June 10, 2020 at 7:19 pm
Posted In: Backups, CMS, PHP, Releases, security, Wordpress

WordPress 5.4.2 is now available! This security and maintenance release features 23 fixes and enhancements. Plus, it adds a number of security fixes—see the list below. These bugs affect WordPress versions 5.4.1 and earlier; version 5.4.2 fixes them, so you’ll want to upgrade. If you haven’t yet updated to 5.4, there are also updated versions […]

└ Tags: ,

Next Level Ops Podcast: Must Haves for Managed WordPress Hosting with Andrey Kugaevskiy

Jun03
by Ike on June 3, 2020 at 6:00 am
Posted In: Hoster, Hosting, managed Wordpress hosting, Plesk, plesk podcast, Podcast, Product and technology, Releases, security, Wordpress

The post Next Level Ops Podcast: Must Haves for Managed WordPress Hosting with Andrey Kugaevskiy appeared first on Plesk.

└ Tags: , , , , , , ,
 Comment 

Next Level Ops Podcast: Tips for Keeping Your Server Secure with Igor Antipkin

May20
by Ike on May 20, 2020 at 6:00 am
Posted In: Plesk, plesk podcast, Podcast, Product and technology, Releases, security, security risks, Server Security, software security, threat modeling

The post Next Level Ops Podcast: Tips for Keeping Your Server Secure with Igor Antipkin appeared first on Plesk.

└ Tags: , , , , , , ,
 Comment 

Secure a Plesk Hosted Email Account using SpamAssassin, ClamAV and Amavis

May14
by Ike on May 14, 2020 at 7:00 am
Posted In: amavisd, antivirus, clamav, email, Guides, new plesk extensions, Plesk, Plesk Extensions, Product and technology, Releases, security, security extensions

Here’s a comparison of the latest Plesk security extensions we released this year, protecting your sites from threats and available for your Plesk platform.

The post Secure a Plesk Hosted Email Account using SpamAssassin, ClamAV and Amavis appeared first on Plesk.

└ Tags: , , , , , , , , ,
 Comment 

WordPress 5.4.1

Apr29
by Ike on April 29, 2020 at 7:56 pm
Posted In: Backups, CMS, PHP, Releases, security, Wordpress

WordPress 5.4.1 is now available! This security and maintenance release features 17 bug fixes in addition to 7 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. WordPress 5.4.1 is a short-cycle security and maintenance release. The next […]

└ Tags: ,

Governments Introduce Coronavirus-specific Cybercrime Legislation

Apr13
by Ike on April 13, 2020 at 8:00 pm
Posted In: Around the Net, Coronavirus, security

Governments and organisations globally have been making announcements that just
a few weeks prior would have been unprecedented. As more of our lives are moving
online in an attempt to adapt to changes brought about by the Coronavirus
pandemic, many are trying out services they were previously unfamiliar with, such
as video conferencing or online grocery shopping. While others are finding
themselves with more time to pursue online hobbies such as gaming.

The combined effect of information overload and a mass of people using
unfamiliar software and services has created an environment ripe for
exploitation by cybercriminals.

Netcraft has tracked Coronavirus-themed cybercrime since 16th March, shortly
after it was declared a pandemic by the World Health Organisation. While Netcraft continues to see
high volumes of Coronavirus-inspired fake shops, advanced fee fraud, phishing
and malware lures, this post covers some of the trends Netcraft has observed
since our previous posts on the topic.

Recently observed Coronavirus-themed threats

Fake Government information sites and mobile malware

Many governments have set up dedicated websites offering advice and services to
support their citizens through the pandemic. Cybercriminals are taking advantage
of this by providing copy-cat sites with a malicious twist.

In one recent campaign, the cybercriminals deployed a site that poses as the UK
Government and offers “credit card refunds” for “COVID-19 support”. The
fraudulent site uses UK Government branding and collects the victim’s personal
information – including their credit card number, date of birth and telephone
number.

Fake UK Government website which tricks users into handing over personal information
└ Tags: , ,
 Comment 

Netcraft Adds Coronavirus-related Cybercrime Protection to its Apps and Browser Extensions

Apr10
by Ike on April 10, 2020 at 1:36 pm
Posted In: Coronavirus, Netcraft Services, security

Netcraft has added protection from Coronavirus-related cybercrime to its mobile apps for Android and iOS, and to its browser extensions for Chrome, Firefox, Opera, and Microsoft Edge. Websites containing these attacks will be blocked for those who have the app or extension installed. The iOS app — currently available in the UK and Canada — blocks Coronavirus-themed attacks impersonating Canadian and UK businesses as well as providing global coverage of fake shops purporting to sell Coronavirus-related goods.

Any Coronavirus-related cybercrime can easily be reported through the extension or app, by emailing scam@netcraft.com, or at report.netcraft.com, protecting other users from these attacks.

The Netcraft Browser Extension now blocks Coronavirus-related cybercrime

The Netcraft Browser Extension now blocks Coronavirus-related cybercrime

Since 16 March Netcraft has been monitoring and disrupting Coronavirus-themed cybercrime, which accounts for five percent of the attacks we perform countermeasures against and is becoming more prevalent on the internet.

The Netcraft App can be downloaded from any of the major three major app stores:

Apple App StoreGoogle Play StoreAmazon App Store

The Netcraft Extension can be downloaded for any of the four major browsers:

Google ChromeMozilla FirefoxOperaMicrosoft Edge

└ Tags: , ,
 Comment 

Coronavirus Cybercrime Scaling Up

Apr02
by Ike on April 2, 2020 at 7:00 pm
Posted In: Around the Net, security

Just like Coronavirus itself, the Coronavirus-themed cybercrime it has spawned is quickly becoming a pandemic of its own. Cybercriminals have been quick to take advantage of the media attention on the story, using lures with a Coronavirus theme. Many of the attacks Netcraft has observed have used the fear and uncertainty surrounding the situation to trigger a response from their victims.
Netcraft has tracked Coronavirus-themed cybercrime since 16th March, shortly after it was declared a pandemic by the WHO.

└ Tags: ,
 Comment 

Software tools to prevent attacks on servers and sites

Mar30
by Ike on March 30, 2020 at 6:09 am
Posted In: antivirus, burp suite, Business and industry, cybersecurity, EDR, Encryption, firewall, Guides, hacking, Imunify360, ImunifyAV, Kaspersky Antivirus, Kaspersky EDR, network firewall, penetration testing, phishing, Plesk, Plesk Firewall, premium antivirus, Product and technology, Releases, security, Security alerts, security extensions, Server Security, SSH, SSH access, Warden

The post Software tools to prevent attacks on servers and sites appeared first on Plesk.

└ Tags: , , , , , , , , , , , , , , , , , , , , , , , , ,
 Comment 

Coronavirus Cybercrime

Mar27
by Ike on March 27, 2020 at 12:19 pm
Posted In: Around the Net, security

Netcraft has tracked Coronavirus-themed cybercrime since 16th March, shortly after it was declared a pandemic by the WHO. Scammers have been quick to take advantage of the massive worldwide attention to Coronavirus (COVID-19), and are increasingly making use of it as a theme for online fraud.
Netcraft is the largest provider of anti-phishing takedowns in the world and provides countermeasures against some 75 other types of cybercrime for governments, internet infrastructure and many of the world’s largest banks and enterprises.

└ Tags: ,
 Comment 

Browsers on track to block 850,000 TLS 1.0 sites

Mar03
by Ike on March 3, 2020 at 3:02 pm
Posted In: Around the Net, security

More than 850,000 websites still rely on the outdated TLS 1.0 and TLS 1.1 protocols that are scheduled to be blocked by the majority of web browsers this month. These older versions of the Transport Layer Security protocol, which date back to 1999 and 2006, are vulnerable to numerous practical attacks that have been resolved in later versions. Among the sites still using these outdated setups are major banks, governments, news, and telecoms companies.

└ Tags: ,
 Comment 

WordPress 5.3.1 Security and Maintenance Release

Dec13
by Ike on December 13, 2019 at 12:07 am
Posted In: Backups, CMS, PHP, Releases, security, Wordpress

WordPress 5.3.1 is now available! This security and maintenance release features 46 fixes and enhancements. Plus, it adds a number of security fixes—see the list below. WordPress 5.3.1 is a short-cycle maintenance release. The next major release will be version 5.4. You can download WordPress 5.3.1 by clicking the button at the top of this page, […]

└ Tags: ,

WordPress 5.2.4 Update

Nov19
by Ike on November 19, 2019 at 4:47 am
Posted In: Backups, CMS, PHP, Releases, security, Wordpress

Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote code execution. Simon has done a great deal of work on the WordPress […]

└ Tags: ,

WordPress 5.2.4 Security Release

Oct14
by Ike on October 14, 2019 at 9:54 pm
Posted In: Backups, CMS, PHP, Releases, security, Wordpress

WordPress 5.2.4 is now available! This security release fixes 6 security issues. WordPress versions 5.2.3 and earlier are affected by these bugs, which are fixed in version 5.2.4. Updated versions of WordPress 5.1 and earlier are also available for any users who have not yet updated to 5.2. Security Updates Props to Evan Ricafort for finding an […]

└ Tags: ,

WordPress 5.2.3 Security and Maintenance Release

Sep05
by Ike on September 5, 2019 at 1:51 am
Posted In: Backups, CMS, PHP, Releases, security, Wordpress

WordPress 5.2.3 is now available! This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below. These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade. If you haven’t yet updated to 5.2, there are also updated versions […]

└ Tags: ,

Uniqlo and The Guardian among thousands of sites loading malicious code from S3

Aug29
by Ike on August 29, 2019 at 2:00 pm
Posted In: Around the Net, security

Uniqlo’s website transmitted customers’ credit card details to fraudsters for more than a week in May this year, following the addition of e-commerce skimming code. The injected JavaScript code was designed to silently ‘skim’ the completed checkout form and send a copy of the customer’s details to the fraudsters. Thousands more sites have also been […]

└ Tags: ,
 Comment 

Netcraft Extension adds protection against malicious JavaScript

Aug19
by Ike on August 19, 2019 at 11:00 am
Posted In: Netcraft Services, security

Netcraft has updated its browser extension to add protection against malicious JavaScript, including shopping site skimmers and web miners. Shopping site skimmers are malicious JavaScript programs that steal your payment card information when you checkout on a compromised online store, and send it back to a fraudster to use later. These attacks have affected a […]

└ Tags: ,
 Comment 

Netcraft releases anti-phishing extension for Microsoft Edge

Jul16
by Ike on July 16, 2019 at 2:20 pm
Posted In: Netcraft Services, security

The Netcraft Anti-Phishing Extension is now available for Microsoft Edge. The Netcraft Anti-Phishing Extension provides phishing and XSS protection as well as informing you about the websites you visit. It was first made available for Internet Explorer in December 2004, followed by Firefox in 2005, Chrome in 2012 and Opera in 2013. Microsoft Edge is […]

└ Tags: ,
 Comment 

Acronis and ZNetLive join forces to offer new security solution

Jun13
by Ike on June 13, 2019 at 6:00 am
Posted In: acronis, acronis backup extension, AWS cloud, backup, cloud hosting, Cloud VPS, Dedicated Servers, Microsoft Azure, partner, Plesk, Plesk news and announcements, Releases, security, wordpress hosting, ZNetLive

The post Acronis and ZNetLive join forces to offer new security solution appeared first on Plesk.

└ Tags: , , , , , , , , , , , ,
 Comment 

CLEOR : la bijouterie en ligne victime d’un skimmer numérique

May22
by Ike on May 22, 2019 at 11:00 am
Posted In: security

Read this article in English La bijouterie en ligne française CLEOR, active dans 136 bijouteries, a été infectée d’un skimmer JavaScript. Le code malveillant injecté est conçu pour envoyer les données bancaires aux criminels sur le formulaire de paiement en ligne légitime de Cleor. Skimmers sur les boutiques en ligne Cette attaque compte de nombreuses […]

└ Tags:
 Comment 

Cloudflare Releases New Warp VPN

Apr30
by Ike on April 30, 2019 at 6:57 am
Posted In: CloudFlare, Cloudflare VPN, DNS, Performance, Plesk, Plesk news and announcements, Releases, security, ServerShield (by Cloudflare), VPN

The post Cloudflare Releases New Warp VPN appeared first on Plesk.

└ Tags: , , , , , , ,
 Comment 

Well known UK bank vulnerable to impersonation for five years

Apr15
by Ike on April 15, 2019 at 9:12 am
Posted In: security

Netcraft has found that Halifax has been left vulnerable to convincing impersonation attacks for five years. The operator of a website promoting Spanish hotels is able to send and receive emails on the official Halifax online banking domain, and get legitimate security certificates issued for the same domain.

└ Tags:
 Comment 

Your Automatic Server Update to Plesk 17.8

Apr11
by Ike on April 11, 2019 at 7:21 am
Posted In: Plesk, Plesk 17.8, Plesk news and announcements, Plesk server security, Plesk server update, Releases, security, Security alerts

The post Your Automatic Server Update to Plesk 17.8 appeared first on Plesk.

└ Tags: , , , , ,
 Comment 

“Cybersecurity is changing; We need new protection strategies” – Say CloudLinux (Imunify360)

Apr08
by Ike on April 8, 2019 at 10:31 am
Posted In: antivirus, backup, CloudLinux, firewall, hacking, Imunify360, Plesk, Releases, security, Security alerts

The post “Cybersecurity is changing; We need new protection strategies” – Say CloudLinux (Imunify360) appeared first on Plesk.

└ Tags: , , , , , , ,
 Comment 

Fake EV certificates used in Steam trade phishing attacks

Mar12
by Ike on March 12, 2019 at 12:19 pm
Posted In: security

An extremely convincing phishing attack that impersonates a multi-game skin trade bot appears to be using a fake Extended Validation TLS certificate to steal Steam accounts. The ongoing phishing attack impersonates TradeIt.gg, which facilitates the trading of skins, weapons and other in-game commodities within popular games like CS:GO, TF2 and DOTA. When a victim attempts […]

└ Tags:
 Comment 

45 queries. 8 mb Memory usage. 2.106 seconds.