fbpx

Reminder: Google Insecure Forms Warning 

No-SSL-No-Conversions

With the release of Chrome 62, Google will mark any website with an insecure form “Not Secure.”

If you haven’t added SSL to your website, you may want to—an important deadline is coming up. Starting in October with the release of Chrome 62, Google will be marking any website with an insecure form “Not Secure.” This isn’t just a warning for pages with an insecure login/password field, now it’s any field—anywhere a user can input information.

Insecure Password Warning, Firefox 52
The warning for an insecure password field.

This is keeping with Google’s push for universal encryption. The company has continued to ramp up pressure for websites to add SSL. And Google doesn’t plan to stop at just warning Chrome users about insecure forms, either. Google plans to roll out a warning for all HTTP websites sometime in 2018.

HTTP website

So heed this warning, if your website is anything more than a blog or a personal website, you need to encrypt. Whether you’re just collecting an email address as part of a capture strategy or you’ve got a signup form somewhere, you’ll be sorry if you don’t secure it before Chrome 62 drops in October.

“Not Secure” warnings kill conversions

Nothing is going to kill your conversion rate faster than Google placing a “Not Secure” warning in your address bar or drop an interstitial warning when a customer attempts to type in one of your website’s fields.

And it’s not just Google, the other browsers are also adopting similar policies with regard to encryption and insecure websites.

Think about it, people tend to trust their browsers. When one of them tells a user that he or she is not safe on a website, the vast majority of people are going to leave. Nobody is sitting at their computer saying, “this seems like a worthwhile risk to take.”

So remember, if your website has any forms on it—install SSL. Waiting until Google flags your website is playing with fire. It’s time to add SSL. Contact us today for a free evaluation to provide your site the correct level of security for a reasonable price.

Always hire a professional.

hacked-wordpress-site
hacked-wordpress-site

When an inexperienced person attempts to build a website, this can easily happen.

The old adage, “You get what you pay for.” came into play recently when a potential client contacted us after deciding to let some cheapo “web developers” build her site.  They not only built a horribly bad looking, difficult to navigate site, they did nothing for security.  The result:  A site that is now distributing malware.  To top it off, it’s hosted on GoDaddy antique servers and probably infiltrating even deeper.  There are certain things of which you should not take the cheap route, you’ve all heard it before.  When you cheap with how you represent yourself and/or your business, it never does anyone any good.  Buy smart, do your research.

Who’s watching you?

ssl-certificate-from-spearhead-multimedia

Sometimes we don’t realize and then don’t remember whom we’ve given access to our Google account in order to set up an account from another vendor.

It’s always a good idea to go to https://myaccount.google.com/permissions while you’re logged in to your Google account and review who has access to your private information.

If you use an Android based phone be careful not to remove access to important apps and make sure you do for the questionable ones.  Not sure about an app?  Google it and see.

New Evil Locky Ransomware Strain Evades Machine Learning Security Software

ransomwareHere is the latest tactic in the cat-and-mouse game between cybercrime and security software vendors. The bad guys have come up with new a ransomware phishing attack, tricking users to open what appears to be a document scanned from an internal Konica Minolta C224e.

This model is one of the most popular business scanner/printers in the world. The emails are written to make the user think that the communication is from a vendor.

Basically, Locky is back with a vengeance and a whole new bag of evil tricks.

The campaign launched Sept. 18 features a sophisticated new wrinkle, enabling it to slip past many of the machine learning algorithm-based software sold by some of the industry’s most popular vendors, said security firm Comodo.

“The method of phishing is by an attachment of an email; the attachment is disguised as a printer output, and it contains a script inside an archive file,” said Fatih Orhan, vice president of Comodo Threat Research Labs. “These are not enough to make a phishing detection.”

This is the third recent massive Locky attack

The third in an increasingly sophisticated series of ransomware attacks launched this summer is dubbed IKARUS by Comodo, some other security vendors are calling it Locky Diablo6.

As in previous attacks, the Eastern European Locky cyber mafia is using a botnet of zombie computers which makes it hard to simply block by IP.

“Employees today scan original documents at the company scanner/printer and email them to themselves and others as a standard practice, so this malware-laden email looks quite innocent but is anything but harmless,” the report continues.

The most innovative hook of this new feature involves the way these criminal hackers manage to evade spam filters.

Here is how it evades machine learning

“Machine learning algorithms need to extract the attachment, open the archive, extract the script and understand it has a malicious intent,” said Orhan, the Comodo research head. “But usually, these scripts contain just a download component and do not have malicious intent on their own.”

“That’s why even machine learning is not sufficient in making these kind of detections,” he continued. “Complex solutions are needed to run the script dynamically, download actual payload, and perform malware analysis to conclude that it is phishing.”

In other words, it looks like that again the bad guys are ahead of your spam filters, whether that is a traditional or new machine-learning flavor.

Now, the Locky payload still ultimately uses an executable file written to disk, so your endpoint security may be able to block it. There are other types of attacks that take advantage of machine learning blind spots (fileless attacks, for example), but this isn’t one of them. What the bad guys behind Locky count on is cranking out so many new variants that antivirus (even some machine learning ones) won’t recognize and block it.

How vulnerable is your network against a ransomware attack?

Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 10 infection scenarios and show you if a workstation is vulnerable to infection.

This will take you 5 minutes and may give you some insights you never expected! Get your complimentary download of RanSim here:
https://info.knowbe4.com/ransomware-simulator-tool-1chn