Presentation is loading. Please wait.

Presentation is loading. Please wait.

Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.

Similar presentations


Presentation on theme: "Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include."— Presentation transcript:

1 Prepared By, Mahadir Ahmad

2 StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include Google, PayPal, Mozilla, Verizon, and Qualys. StopBadware is based in Cambridge, Mass. For more information, visit https://www.stopbadware.org/https://www.stopbadware.org/ Commtouch (NASDAQ: CTCH) safeguards the world’s leading security companies and service providers with cloudbased Internet security services. Real-time threat intelligence from Commtouch’s GlobalView™ Cloud powers its Web filtering, email security and antivirus solutions, protecting thousands of organizations and hundreds of millions of users worldwide visit http://www.commtouch.com/http://www.commtouch.com/

3

4 Only 9% out of over 600 websites that was compromised using Joomla

5 New Flaws Exploits Social Engineering Phishing

6 Does your Webmaster have knowledge about the CMS being used? 64% said in the survey they don’t even know how their website being compromised, 20% don’t update their website software or plugins.

7 Only 4% used for defacement (vandalized), Are you sure your current website has not been compromised? It could be used for spamming and other things even hard for a beginner’s Webmaster to notice it.

8 o Keep software and all plug-ins updated. Whether you run popular content management software (e.g., WordPress, Joomla, Blogger) or custom software, make sure that software and all third party plug-ins or extensions are updated. Remove plug-ins or other add-ons that aren’t in use. o Use strong, varied passwords. WordPress login credentials, for example, should be different from FTP credentials. Never store passwords on your local machine. o Regularly scan your PC for malware. o Use appropriate file permissions on your web server. o Research your options and make security a priority when choosing a web hosting provider. If you aren’t confident you can protect your site on your own, consider using an add-on security service from your hosting provider or a third party website security service.

9 The most popular hack on Joomla until now is defacement

10 Hiding Joomla from automatic scanner Hiding Joomla from automatic scanner & novice hacker Hiding /administrator Remove all joomla keywords in source code

11 Joomla Firewall Joomla Firewall Protect & block any well known SQL injections Detect insecure file permissions Security suggestions

12 Manually checking for vulnerabilities in Official Joomla Vulnerable Extension Lists Manually checking for vulnerabilities in Official Joomla Vulnerable Extension Lists Continually checking for any known vulnerabilities Update extensions continuously

13 Two factors Administrator Authentication Two factors Administrator Authentication /Administrator hiding + Two factors login = No login for unauthorized users + No brute force attacks

14 Others Others Daily backup Move critical files/folders outside of public access (outside public_html or wwwroot) Daily monitor for new updates for Joomla core.

15 Penetration Test Using Open Web Application Security Project Penetration Test Using Open Web Application Security Project

16

17


Download ppt "Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include."

Similar presentations


Ads by Google