important-information-about-the-security-of-websites-running-drupal-version-757-or-below-or-drupal.png

Security of Drupal 8.5 or below.

This post contains important, time sensitive information about the security of your website if you're running Drupal version 7.57 or below or Drupal 8.5 or below. If you're an O'Brien Media client with a Drupal website you'll probably be familiar with the periodic Drupal update emails we send out regarding how important it is to keep up to date with security patches and other updates for your...
Read More
the-end-of-the-insecure-web-is-nigh-switch-to-https-to-keep-current.jpg

The end of the insecure web is nigh, switch to HTTPS to keep current

For the past several years, Google has been leading the charge towards a more secure web by strongly advocating that website owners adopt HTTPS encryption. And within the last year, Google has also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure” - including contact and enquiry forms. Beginning in July of this year,...
Read More
Malicious website password reset requests on the rise from Russia

Important: Malicious website password reset requests on the rise from Russia

With all the interest in Russian hackers and a certain presidential campaign you'd be forgiven for thinking that only high-profile websites and individuals are targets for hackers. Not so. Over the past week we’ve seen a 1900% (yes one thousand nine hundred) percent increase in the number of malicious login attempts to websites hosted on our servers. And we’re not alone. Across the...
Read More
keep-your-wordpress-or-drupal-website-up-to-date-to-stay-safe-from-hackers.png

Keep your WordPress or Drupal website up-to-date to stay safe from hackers

How often should you update your WordPress or Drupal, themes and plugins/modules? The short answer is as often as possible... and here's why. The main reason for this is security. WordPress & Drupal sites are prime targets for hackers. These hackers don't want to bring you down because they dislike you, in fact most of these hacks originate from bots crawling the web, looking for WordPress...
Read More
is-your-website-using-https-google-is-dropping-support-for-http-on-chrome-from-october.jpeg

Is your website using HTTPS?

Google’s efforts with Chrome to encourage the web’s transition to HTTPS are beginning to pay off. The company has now announced plans to extend the effort with the “Not secure” badge scheduled to show up on more HTTP pages. With version 56 in January, Chrome began marking HTTP sites with password or credit card fields as “Not secure” in the address bar. As a result, Google...
Read More
new-ransomware-campaign-is-targeting-google-chrome-users-with-fake-font-update-alerts.png

New ransomware campaign is targeting Google Chrome users with fake font update alerts

A new ransomware campaign is targeting Google Chrome users.  If Chrome users visit a compromised site, an alert will pop up prompting the user to “update” a Chrome font extension.  The false update claims it need to execute because Hoefler Text is not found.  Although this text font is legitimate, the update is not. According to Forbes, researchers have found after users execute the fake...
Read More
hundreds-of-thousands-of-wordpress-sites-defaced-through-rest-api-vulnerability.jpg

Hundreds of Thousands of WordPress Sites Defaced through REST API Vulnerability

At the end of January, WordPress 4.7.2 was released to fix four security issues, three of which were disclosed at the time of the release. The fourth and most critical issue, an unauthenticated privilege escalation vulnerability in a REST API endpoint, was fixed silently and disclosed a week after the release. This vulnerability allows anyone with the right know-how to edit the content of...
Read More
upgrade-today-critical-vulnerability-in-phpmailer-affects-wordpress-drupal-websites.jpeg

Upgrade today WordPress, Drupal websites

On the 25th of December 2016, a security researcher disclosed a critical remote code execution flaw within a popular programme used to send emails from websites and web applications. The PHPMailer library is used by more than 9 million websites worldwide and is bundled with popular content management systems such as WordPress and Drupal. At worst this is a flaw that could be used to run...
Read More
important-announcement-about-your-online-security.png

Important announcement about your online security

As you may now be aware, an increasing number of websites and online services have recently revealed breaches in their cyber security. In many cases, a user’s email address, username, and password are obtained from one website, and then used to access other websites and services. This is because people tend to use the same username and password for multiple online accounts. To be clear, we...
Read More
keeping-safe-with-malwarebytes-anti-malware.jpg

Keeping Safe with Malwarebytes Anti-Malware

Nearly all aspects of our lives now involve technology in one way or another. Everyone owns several devices that are connected to the internet. Naturally with internet connectivity comes the inevitable danger of malicious activity. Malware development is a booming business and is growing by millions in stolen revenue every year. As malware gets more and more sophisticated, cyber security firms...
Read More