A hacker managed to breach cybersecurity at HealthCare.gov and implant malicious code on the federal Obamacare website, officials revealed Thursday.
Healthcare.gov hosts the federal insurance exchange on which millions of Americans have purchased health insurance since the Affordable Care Act mandate that most people be insured began rolling out last year. Officials said they learned of the hack, which took place in July, last week.
We recently installed the Sitesassure Security Suite on one of our service companies websites. This joomla website has been secured by RSFIREWALL for years, a software firewall which we recommended and have installed on every joomla site worked on. It has been extremely effective over the years in preventing attacks and intrusions from success compromising websites.
A Russian malware called SoakSoak has infected over 100,000 Wordpress sites since this Sunday, turning blogs into attack platforms. It's a potential shitshow, and it could've been prevented earlier this fall.
Google has already blocked 11,000 domains to try to curb the damage. According to security firm Sucuri, the malware uses a vulnerability in a slideshow plug-in called Slider Revolution. The Slider Revolution team have fixed it with updates. The problem is that the old,vulnerable version of the plug-in is still bundled with Wordpress themes, so lots of sites are still using the wrong version.
Advisory for: WordPress Download Manager
Security Risk: Very High
Exploitation level: Easy/Remote
DREAD Score: 9/10
Vulnerability: Code Execution / Remote File Inclusion
Patched Version: <2.7.5\\http://www.sitesassure.com/images/wordpressIcon2.png
If you’re using the popular WP Download Manager plugin (around 850,000 downloads), you should update right away. During a routine audit for our Website Firewall (WAF), we found a dangerous remote code execution (RCE) and remote file inclusion (RFI) vulnerability. A malicious user can exploit this vulnerability to take control of your website by uploading backdoors and modifying user passwords.The vulnerability was discovered and disclosed last week and immediately patched by the WP Download Manager. They have released a patch in version 2.7.5 to fix this issue.
http://blog.sucuri.net/2014/12/security-advisory-high-severity-wordpress-download-manager.html
Sitesassure - MORE THE REASON
The time has come: Joomla 2.5 official support will come to an end. On December 31st 2014.
Joomla 2.5 will reach its official End-Of-Life and will be officially deprecated.
This could have serious and detrimental effects to your current Joomla websites future.
Joomla 2.5 was released on January 20th 2011.and has been with us now for almost 4 years.
In 2012, Joomla 3 was released with enhancements and many new features. Joomla 3.X.X has become stable and a more friendly and usable system. The day has come and has been known for quite some time already for you to seriously consider the upgrading of your website.
Our new security suite of tools to safely secure your website has been released.
Our anti-hacker firewall includes Layer 1 300+ signatures and Layer 2 70+ security patterns.
Our customers come to us time and time again with a common issue.
Their website developer/designer has registered their domain and hosted their websites in their own developers account. Our customers find they don't have access or own their domains or hosting accounts, and thus, we cannot get access to fix or add our services to their websites.
Now, through a exclusive agreement with our security services company, SITESASSURE.COM, we can offer ONE YEAR FREE LAUNCH PLAN HOSTING* with our hosting partner, "INMOTION HOSTING".
