Help
News Bulletins

News Bulletin November-December 2016

CV_PSAB_NewsletterWelcome to the latest edition of our News Bulletin, provided as a service for web and hosting clients of: The Pennsylvania State Association of Boroughs and CourseVector, LLC.

Alerts

Scam: Domain Name Renewal Notices

Please be aware that illegitimate companies are still sending scam domain renewal notices! If you receive a questionable notice from a company such as “iDNS”, do not send payment, and contact CourseVector to confirm that the domain expiration is valid.

 

Millions of Wix.com Users Vulnerable to Hackers

Websites hosted with Wix.com were open to attacks because of an unpatched vulnerability.

Joomla Users Vulnerable In Recent to Attacks

Joomla recently released a patch to fix critical flaws in its programming. In conjunctions with the release, the Joomla users were hit with a new wave of attacks.

CourseVector offers secure and managed WordPress hosting options. We take all threats seriously, and work tirelessly to protect our customers and their websites.

 

Spotify Serving Malicious Ads to Freemium Users

Spotify users are reporting that ads running on Spotify Free, the streaming music service’s free product, automatically open malicious websites without their permission.

 

Simple Website Flaw Exposed Data Of Charter Internet Customers

A security flaw discovered in the website of Charter Communications, a cable and Internet provider active in 28 states, may have exposed the personal account details of its customers.

 

Compromised eCommerce Sites Targeting Retail Customers

Magecart, a recently observed instance of threat actors injecting a keylogger directly into a website, is one obscure method of targeting customers via retailer payment platforms. Since the widely publicized breach of Target Corporation, there has been a significant increase in awareness of activity surrounding POS (point of sale) system breaches.

 

6000+ Compromised Online Shops

RiskIQ researchers revealed that over 100 online shops have, at one point in the last six months, been injected with malicious JavaScript code that exfiltrates payment card information users enter to pay for their shopping. The number of compromised online shops keeps rising.

 

Current Happenings

Managed WordPress Maintenance – Remote Server Program

CourseVector now offers Managed WordPress Maintenance to clients on remote servers. Now, even if you are not hosting your website with CourseVector, you can take advantage of our hassle-free maintenance, including updates, backups, and plugins. Let us handle the hard work for you. Contact us today to set up Managed WordPress Maintenance.

 

Security News

Massive Bot Net Attack and How To Make Sure You Did Not Contribute

Mirai Botnet linked to massive DDoS attacks on Dyn DNS. See this link to check the internet connection to your home or office to see if there are any devices that can contribute to a DDoS attack.

 

Hacker Compromises 43 Million Weebly Accounts

Web hosting service Weebly has confirmed a major data breach, following a report stating that 43.4 million accounts were stolen from the company’s main database in February 2016. CourseVector understands the security threat of malicious data breaches and provides our hosting customers the best protection against such threats.

 

Locky Ransomware Learns New Evasive Tricks

According to the Microsoft Malware Detection Center team, Locky Ransomware authors have shifted the type of malicious attachments used in their spam campaigns to evade detection.

 

Vulnerability Patched in WordPress Theme that Allows Unrestricted Uploads

WordPress theme publisher DynamicPress fixed a flaw Monday that let anyone upload malicious files to sites running its business-themed Neosense WordPress templates.

 

AmEx Users Hit With Phishing Email Offering Anti-Phishing Protection

American Express users are being actively targeted with phishing emails impersonating the company and advising users to create an “American Express Personal Safe Key” to improve the security of their accounts, then taken to a bogus log-in page and instructed to input personal information.

 

Nine Info Security Mistakes Employees Make Over and Over Again

Some of the most common security issues are caused by bad habits ingrained in employees’ day-to-day routines. Thankfully, these potential threats and vulnerabilities are possible to reduce, by improving organisation-wide awareness of the most common information security mistakes.

 

Cybercriminals Already Able to Hack ATM Biometric Readers

The first test running biometric scanners on ATM started about a year ago, but Kaspersky Labs has found for sale on the Dark Web 12 sellers of devices allegedly capable of stealing fingerprints. The research has also located evidence that three other groups or individuals are working on a way to steal data from palm print and iris recognition systems.

 

Backdoored D-Link Router Should be Trashed, Researcher Says

The router suffers from 20 vulnerabilities, including a backdoor, backdoor accounts, and a default Wi-Fi Protected Setup PIN, to name a few of them. D-Link’s DWR-932B security issues are too numerous to patch.

 

Malicious Websites Visited Every Five Seconds by Enterprise Workers

A user at an enterprise organization accesses a malicious website every five seconds, according to research published by CheckPoint Software Technologies.

 

Book Examines U.S. Justice System

CourseVector recently created a website for author James Bowers Johnson. In his book, The End of Justice, Johnson gives an account of his experiences with the U.S. justice system. The End of Justice was a free website design by CourseVector, with minimal customization of an ecommerce package. Johnson is offering free copies of his book to those who are interested.

 

Featured Websites

Broken Laptop Screen

Broken Laptop Screen

CourseVector designed and built the website for Broken Laptop Screen, UK laptop screen repair specialists.

Paddleboard New Smyrna

paddleboard new smyrna

Paddleboard New Smyrna offers paddleboard rentals, lessons, and tours in New Smyrna Beach, Florida. CourseVector completed a redesign of the website and designed a logo needed for a specific event.

Sustainable Horizons Institute

shinstitute

Sustainable Horizons Institute is a non profit organization dedicated to building sustainable and inclusive scientific communities. CourseVector converted their outdated website to WordPress.

Freeport Borough

freeport borough

CourseVector designed the website for Freeport Borough in Armstrong County, Pennsylvania.

 

FAQ of the Month

Why should CourseVector handle my WordPress and Plugin updates? Will I have an issue with the 6-month update cycle?

Don’t let a WordPress update break your site! Managed WordPress Hosting includes updates and patches. We suggest that all of our clients allow us to do WordPress and CourseVector-installed plugin updates on their website(s). We always take responsibility for this maintenance and any issues that may arise as a result. Your site’s maintenance will be performed every 6 months, or sooner if there is a critical update. If you are concerned about the 6-month period between updates, know that our external firewalls help to protect against numerous vulnerabilities. Read more on our FAQ page. We’re always here to answer your questions. Don’t hesitate to contact us at any time!

Where is Internet Explorer? Why is my browser so different?

Some banks and government sites don’t support modern browsers, so the easiest way is to use Internet Explorer. But on Windows 10, they hid it and replaced it with Microsoft Edge. This video shows how to find Internet Explorer again.

   

News and Tips

The Events Calendar Plugin: Easily Add Events to your WordPress Site

The Events Calendar is free WordPress Plugin that makes managing events from your site easy and efficient!

Someone can Empty your Bank Account with the Information on the Front of Every Check you Write

The organization in charge of processing check payments warns that you should stop using paper checks.

Appointy: Online Appointment Scheduling Software

Appointy all-in-one scheduling software has everything you need to grow and manage your business in one easy-to-use interface. For information on this and other helpful plugins, visit our support-files WordPress plugins page.

 

Comedy Corner

comedy corner
 
Print Friendly

0