It's been a while since we posted an update about Internet security, but that's not because the bad guys haven't been busy. Rather, they have been so busy it's about all we would post if we did keep up. Just in the last week or two we have seen several new warnings and reports. Apple and Adobe have ...Read More...

Hacking of WordPress websites has been a constant worry for users of the platform. Lately, we have had several WordPress customers get their sites hacked or admin login compromised through a brute force attack. In order to protect yourself and improve your WordPress security, there are a few easy but ...Read More...

Whether you realize it or not, Internet security is one of the most significant issues of our day. Twenty years ago, the Internet wasn't part of our lives and Internet security wasn't even a serious issue for nerds. But today, Internet technologies touch everything we do and I don't know anyone who ...Read More...

Well this is the week for Internet security problems, it seems. Here's a real-life situation that just happened to a 111 Web Studio customer in the normal course of doing business. It starts with one of those things that happens in many businesses every day. Let's say you're the VP of Finance and the ...Read More...

As you have read many times in this blog, security on the Internet is every Internet user's responsibility. Both web site owners and websites visitors must participate in regular upgrades, not to get the shiny, new thing, but rather to protect against hacking and online threats. As a result of recent ...Read More...

We are sorry to report that a Finnish researcher has released information about a bug without first telling WordPress developers about it. His reasoning is that it took way too long for them to fix one last time, leaving all sites vulnerable for months. This bug allows a hacker to attack and take over ...Read More...

The Websense Security Labs 2015 threat report is out and it's not pretty. While malware threats declined 5% to nearly 4 billion threats last year, the number of high profile, damaging breaches increased substantially as bad guys got more sophisticated and targeted in their attacks. This focus on quality ...Read More...

A press release from the Federal Bureau of Investigation warns WordPress users to update their plugins or risk defacement from ISIS hackers. So far, the busy hackers have defaced websites belonging to "news organizations, commercial entities, religious institutions, federal/state/local governments, ...Read More...

Here we go again... Back in the 90s, the US government thought they were being clever by making it illegal to export software with more than 512 byte encryption keys, which were considered good enough twenty years ago. As a result, websites were designed to step down below 512 if a visitor showed up ...Read More...

Phone Scam Alert! Here's another scam for you to mention to all your non-technical or non-suspicious friends and family. One of our employees had a phone call to his home. The caller said, "I see you are having computer problems..." and offered to help fix them. Of course, the fix ends up with your ...Read More...

admin:admin is Not Good Enough! Low end home routers come with default passwords that many users don't bother to change. As you might guess some clever hackers have written malware that searches the net looking for them.,When found, these routers are infected with software that is used to perform ...Read More...

By now, you probably know all about the North Korean government effort to stop Sony from showing the comedy movie about the assassination of their leader. This hacker action was an attack like that is very difficult to stop. Recent research by a Microsoft strategist and a security expert claim that ...Read More...

We are sorry to report the latest WordPress vulnerability which apparently has been around for four years and effects 86% of all WordPress sites. This one is a Cross Site Scripting (XSS) bug and is associated with the commonly used comment system plugin. If you are using WordPress versions between ...Read More...

Many of you may already have heard about the Internet-wide security issue referred to as POODLE that came out on October 14, and have asked us if you need to do anything about it. The short answer is maybe, so if you have specific questions about your own application, let us know and we'll take a look. Meanwhile, ...Read More...

UPDATE: Apparently, there's more bad news for Drupal site owners. If you didn't perform the latest upgrade within 7 hours of the announcement (by 11PM UTC on 10/15/14) your site has almost certainly been hacked. Worse, the server it's on could possibly be breached as well. Drupal security experts ...Read More...

Bad guys have figured out ways to pack malware into the wrapper that apps are wrapped in such that when you download a perfectly innocent app, you get the malware with it. There is a fix, though, so all is not lost. This is just another episode in the ongoing battle between hackers and the rest of us, ...Read More...

If you are using Drupal 7, you absolutely need to upgrade to version 7.3 immediately... sigh. This drill seems like it's never ending, but it's a fact of life in today's Internet World. This particular vulnerability is a bad one. It allows a hacker to take total control of your site... and unfortunately, ...Read More...

UPDATE 10/24/14: Adobe has tweaked their application such that now, they encrypt the data being sent back to them, so they are still spying on you, but now your data are "safe" since only Adobe will have them. Good grief. If you use Adobe Digital Editions to read your eBooks, you may want to reconsider. ...Read More...

A new study by Trustwave, the PCI compliance testing folks, has discovered that easy passwords are still a huge problem despite warnings from IT staff about internet security. Worse still, even short but complex passwords are also easily cracked because today's processors can throw 17.3 billion calculations ...Read More...

Two IT companies partnered to create a free tool (no longer available) to decrypt your encrypted data if you get hit with the Cryptolocker ransomware. All you have to do is upload an encrypted file and they will send you a decryption key. You may have experienced or at least heard about Cryptolocker ...Read More...