Technical Resources – Page 4 – Bitstop Network Services Data Center

Failure to Patch caused Travelex to shutdown

January 11, 2020January 21, 2020 admin

Image result for ransomware travelex

Background

Infosecurity Magazine reports that currency exchange bureau Travelex was hit by a new year’s eve cyber attack. This attack disrupted UK bank customers. Travelex took all of its system offline as a precaution. They identified the culprit as Sodinokibi (REvil). Travelex has been unable to resume normal operations since the attack.

Meanwhile, Soidnokibi creators says that “Travelex will pay, One way or another”. The attackers are applying pressure to pay a multi-million dollar ransom by stating that they will release or sell stolen data that allegedly contains Travelex’ customer personal data.

How did this happen? Read More

WordPress Site Optimization by Tzar Umang

January 10, 2020January 10, 2020 admin

Learn how Tzar Umang dealt with a WordPress site, whose size was around 5GB to eventually load in 2 seconds!

Tzar will share with the participants the tools that he used:

1. WP Rocket
2. Auto-optimize
3. Imagify.io (ultra compression)

Server Side:
1. PHP Compress – cPanel
2. Content Delivery // Packet Compression (made with python)

To reserve your slot, kindly register for the FREE event here.

Increased Vigilance Urged in Spillover of US-IRAN conflict on cyber arena

January 8, 2020May 24, 2021 admin

Here are some primer and tips from the US Homeland Security on securing your network against potential collateral attacks and damage brought on by the US-Iran conflict.

Alert (AA20-006A)
Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad

Recommended Actions

The following is a composite of actionable technical recommendations for IT professionals and providers to reduce their overall vulnerability. These recommendations are not exhaustive; rather they focus on the actions that will likely have the highest return on investment. In general, CISA recommends two courses of action in the face of potential threat from Iranian actors: 1) vulnerability mitigation and 2) incident preparation.

Disable all unnecessary ports and protocols. Review network security device logs and determine whether to shut off unnecessary ports and protocols. Monitor common ports and protocols for command and control activity.
Enhance monitoring of network and email traffic. Review network signatures and indicators for focused operations activities, monitor for new phishing themes and adjust email rules accordingly, and follow best practices of restricting attachments via email or other mechanisms.
Patch externally facing equipment. Focus on patching critical and high vulnerabilities that allow for remote code execution or denial of service on externally facing equipment.
Log and limit usage of PowerShell. Limit the usage of PowerShell to only users and accounts that need it, enable code signing of PowerShell scripts, and enable logging of all PowerShell commands.
Ensure backups are up to date and stored in an easily retrievable location that is air-gapped from the organizational network.

Patterns of Publicly Known Iranian Advanced Persistent Threats

WordPress TOOL to erase Personal Data

January 7, 2020January 7, 2020 admin

WordPress 4.9.6 included a feature to delete a user’s personal data upon verified request. Deleted data is permanently removed from the database. Erasure requests cannot be reversed after they have been confirmed.