Yesterday, Microsoft released information regarding a zero-day vulnerability in a number of its operating systems and Office applications. The vulnerability can result in memory corruption on the affected platforms. A hacker can gain administrative access to a PC using a specially formatted “.tiff” file. This would be an image file, generally attached to an email or otherwise sent to the user, which the user would have to open. For Canadian Web Hosting Windows web hosting customers, Windows Server 2012 is not among the vulnerable operating systems, but Windows Server 2008 may be vulnerable.
The following products are vulnerable to this exploit:
- Windows Vista x86, x64
- Windows Server 2008 x86, x64, Itanium, Server Core
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2010 x86, x64
- Microsoft Office Compatibility Pack
- Microsoft Lync 2010 x86, x64
- Microsoft Lync 2010 Attendee
- Microsoft Lync 2013 x86, x64
- Microsoft Lync Basic 2013 x86, x64
As always, we remind all of our Canadian Web Hosting customers to stay vigilant and not open any attachments from email addresses that are not familiar to you. In addition to Microsoft products, it is a good time to remind everyone to keep their web hosting applications up to date and to examine the parts of their security framework, like malware scanning, firewalls and intrusion prevention, that help protect their business and their customers' data. Microsoft has stated they will take appropriate action, releasing a security update within the month. If you have questions, contact firstname.lastname@example.org or call us at 1.888.821.7888 and we can check your Windows server.
When searching for your business online and you see this -
Your website and business are in trouble. You’ve been hacked. What should you do?
Every day, malicious users, hackers and cybercriminals attempt to compromise thousands of websites. Hacks are often invisible to users, yet remain harmful to anyone viewing the page, including the site owner and/or business. Every day, we see customers who, unbeknownst to them, have been hacked and whose site has become infected with harmful code, which in turn can record keystrokes on visitors’ computers, stealing login credentials for online banking or financial transactions.
You may ask yourself, isn’t it my web host's job to protect my server? The answer is both yes and no. Your web host, like Canadian Web Hosting, has most likely implemented strong network security mechanisms and other security features that ensure your service works properly, including hosting your website. However, this is where the most common misconception arises: your web host does not control your server or your website's code unless you are utilizing managed services. In an unmanaged environment, each customer is responsible for updating their applications and website code and for implementing services to protect their business. We’ve seen some recent vulnerabilities in popular applications like WordPress that have severely impacted customer websites because the customers did not keep their applications up to date, even after receiving notifications that their code needed to be patched due to emergency vulnerabilities that had been identified. These attacks range from server configuration problems, SQL injections, code injection and error templates to many more. It is also interesting to note that many customers fall into heavily targeted areas without even knowing that they are in a high-risk geography. Trustwave recently released a graphic that shows the most common areas of attack based on country.
So, if you’ve been hacked, what should you do? Here is where you ask yourself: do I want to handle it myself, or get help? Here at Canadian Web Hosting we follow a very rigid methodology to quickly identify malware and hacks on customers' sites, and have built a rigorous process to eliminate the hack as soon as possible. Typically, we will look at the following steps:
1) Scanning your site
2) Quarantining the site
3) Validating backup files
4) Assessing the damage (hacked with spam or malware)
5) Identify the vulnerability
6) Clean and maintain the website
7) 24/7 Monitoring
Now, depending on your own expertise, these steps range from basic to advanced and may require a security professional to analyze the hack, remove it from your site/code and validate that your site is clean. In the next article, we will spend more time talking about each step and identifying some best practices to minimize any impact on your business and your customers. However, some simple steps can go a long way in the event that an issue has occurred. Check your user accounts and make sure you have unique passwords that follow secure password principles, update your web applications and operating systems whenever a patch is released, and utilize low-cost third-party security providers that can monitor your site 24/7 and will notify you of any potential vulnerabilities or malware attacks on your site.
There are a few services like this available today, like stopthehacker and Sucuri, that offer basic month-to-month or yearly pricing to monitor your site and your reputation and notify you in real time when an issue occurs. Recently, Canadian Web Hosting, the leading provider of web hosting and cloud-based Infrastructure as a Service (IaaS) solutions in Canada, partnered with Sucuri, the leader in malware prevention, to deliver a cost-effective solution that is focused on malware detection and removal. The reasons for this are several, but they are focused on several key principles: 1) extremely effective at identifying issues, 2) low cost threshold, 3) continuous updates to their database and security threats and 4) use of security professionals who review your site code and implement fixes. This last point has been a key benefit for Canadian Web Hosting customers, as it avoids common issues that we see with “automated” malware removal, where the system just carves out the code without recognizing possible scenarios that will cause a site to crash or become unworkable.
Sucuri works by actively scanning all pages of customers’ websites for viruses and possible web malware threats to see if malicious users have injected harmful code into them. Additionally, Sucuri continually monitors potential new versions of malware and protects online businesses from any emerging threats. Because of potential complexities identified in the process list above, Canadian Web Hosting security experts take a very proactive approach, work with our customers and actively manage any malware notifications or possible attacks. In the event that an issue is identified, Canadian Web Hosting’s security teams take all necessary actions to rectify the situation, including validation of clean backups and files, malware removal, and continuous communication with the customer. Here are some of the features of Sucuri:
- Standard Malware Detection
- Advanced Malware Detection with Artificial Intelligence
- Server-side Scanning including .htaccess Hack Detection
- Webpage Defacement Detection
- Phishing Page Detection and many more
- Blacklist and Reputation Monitoring
- Server Side Scanning
- Speed Monitoring & Up-time Monitoring
Working in combination with Canadian Web Hosting’s Secure IT platform, customers will benefit from Canadian Web Hosting’s advanced Defense Network layer approach, which both protects and monitors botnets, malware and the IP reputation of a customer’s website to protect their users and networks from possible malware attacks. This includes malware prevention scanning that blocks inbound and outbound traffic by tracking malicious activities to their firewall gateways to enforce pre-determined security policies, as well as server-side and website scanning that, when combined, are 85% more effective in preventing malware and malicious attacks when compared to traditional malware services.
Canadian Web Hosting Deploys Secure IT Botnet and Malware Prevention Across its Entire Network in Canada
Canadian Web Hosting has deployed Secure IT to increase network security that further protects business IT infrastructure for Canadian Web Hosting customers.
Vancouver, British Columbia, October 30, 2012
Canadian Web Hosting, the leading provider of IT services and web hosting solutions, VPS, VM and cloud hosting services, announced today the deployment of Secure IT Botnet and Malware Prevention across its entire network. Secure IT is a combination of industry-leading technologies and partnerships that have been combined to create an advanced Defense Network layer that protects and monitors botnets and a website’s IP reputation to protect users and networks from possible malware attacks. Canadian Web Hosting customers utilizing this service will immediately benefit by eliminating attempts at data theft, reducing detrimental network activity, decreasing spam to their inbox, and improving overall server and network performance. More importantly, Secure IT ensures that business infrastructure and IPs are protected and helps business customers remain competitive by improving productivity and avoiding possible reputational damage.
The Botnet Defense and anti-malware technologies work by enabling Canadian Web Hosting’s network-based firewalls to block both inbound and outbound traffic by tracking, updating, reporting, and delivering malicious activities to the firewall gateway to enforce pre-determined security policies. The technology automatically stops any incoming or outgoing traffic including those coming from malware sites, and makes the host server invisible to the remote user.
"Over the next five years, the number of Web sites on the Internet will grow to almost five to seven times today's number, and more and more of those sites will become targets by inappropriate or outright malicious attacks," said Kevin Liang, Canadian Web Hosting CTO. "With these new technologies, we are providing a streamlined security platform that allows us to create custom white and black lists, lists for inbound and outbound blocking, as well as focusing on geographical regions or malware types. In doing so, we are able to remove a significant amount of malware for our customers. By giving our customers Secure IT, their content, systems, and reputation values will be protected from malicious attacks."
Today, botnets, spear-phishing, and related malware are among the greatest network security risks. These malicious activities are designed to steal valuable data and control user machines and can cause great financial, competitive and reputational damage. Industry surveys show that botnet infection is near 100% for organizations of all sizes. For just a few dollars a month, Canadian Web Hosting customers can add the new defense layer to their plans and feel reassured that their IP, their business and their investment are secure. Contact Canadian Web Hosting today at 888-821-7888 or by email at email@example.com to find out how to get Secure IT Botnet and Malware Prevention today.
About Canadian Web Hosting
Since 1998, Canadian Web Hosting has been providing a 100% all Canadian service that delivers on-demand hosting solutions including Shared hosting, Virtual Private Servers (VPS), Cloud Hosting, Dedicated Servers, and IT as a Service for Canadian companies of all sizes. Through the use of innovative technologies and experienced support personnel, they continually focus on helping each customer by offering configurable solutions that are tailored to their exacting business requirements. Canadian Web Hosting guarantees a 100% network uptime, and a total money back guarantee that backs everything they do. Customers can get help by calling 1-888-821-7888 to get basic support. For more advanced technical support, customers can use email, ticketing or real time live chat support with support staff.
For more information, visit them at http://www.canadianwebhosting.com, or get the latest news by following them on Facebook and Twitter at @cawebhosting. This information can also be found on their site in the press room section or you may also view other related media content on their Pinterest page.
Canadian Web Hosting
The 2012 Olympics in London are in full swing and, like other tech and business bloggers, we feel the urge to make an Olympics reference to make topics more relatable to our audience and current events. At the time of this post, Canadians are currently 25th in the medal count leaderboard, with 0 gold, 2 silver and 5 bronze. Go Canada go! (Why do we sound like Canucks fans? Sorry, we can't help ourselves.)
How does an Olympian’s Training Relate to Web Hosting Online Prevention?
If you happen to be an athlete, say a hockey player, you might already know that, according to sports studies, athletes can prevent injuries by taking some preventive steps such as strength training, which builds muscle prior to competing. Strength training is necessary to promote success and safety. The main keyword here is prevention. It’s simple. Prevention is one of the elements in an athlete’s overall training, and in the web hosting world, prevention is highly important when it comes to protecting your sites, including your blogs. Our team often blogs about online privacy topics, and this time, we want to share with you how StopTheHacker can help you and your business with online security. If an athlete gets injured, he or she will lose precious time to physical therapy and the like. It’s the same thing with your sites: if you get infected, you’ll lose hours, days and maybe weeks trying to recover data, and preventing that from happening should be a must, so please read on. We want to help you become more productive in business and worry less.
What is StopTheHacker?
StopTheHacker is a cloud-based website protection suite (AV for Websites) that helps prevent, detect and recover from malware (and virus) attacks. StopTheHacker's technology, supported by the US National Science Foundation, has won multiple awards since 2009, and is a leading application supporting customers all over the globe, protecting their online presence from emerging threats. Each edition comes with a different feature set tailored to each specific target group and varying security requirements.
What are the Key Features of StopTheHacker?
Standard and Advanced Detections. StopTheHacker comes with standard or advanced detections. The standard feature checks all of the pages on your website for known viruses and web malware threats to see if hackers may have injected malicious code into your website. When enrolled, the built-in notification system immediately informs you about any scans found, so you, or your webmaster, can take action if needed. The advanced version, in addition to what the standard version does, protects the website from never-before-identified malware. It detects malware within website elements including HTML, JavaScript, PHP and iframes, to name a few.
Automatic Malware Cleanup. You may not be a security expert, or have the resources available to handle a malware attack. Therefore, the automated malware scanning system can remove it for you, and you can decide which level of automation fits you best. Let the StopTheHacker tool do the work for you, so that you can focus on what’s important for your business.
Blacklist and Reputation Monitoring. It is a comprehensive daily check on the status of your website on Google’s Safe Browsing List and other search engines including Yahoo, and Bing; malware blacklists like Malware Patrol and Malware URL; DNS Blacklists; phishing blacklists like PhishTank; spam blacklists like SpamCop; and many more. We will automatically notify you if your website ends up on a blacklist and help you to remove your site from the search engine blacklist.
Vulnerability Assessment. It scans to identify vulnerabilities in your server/application configuration, so you can patch them to prevent web-based attacks by bots and hackers. Today, the tool checks over 35,000 vulnerabilities on your server(s), website and infrastructure. We also check for web application vulnerabilities in some of the most popular software applications like WordPress, Drupal, Django, Joomla, Ruby on Rails, OpenCMS. Through these scans, we can uncover vulnerabilities in custom installations too.
Other Features. They include speed and up-time monitoring, Facebook protection and because it’s cloud based, there’s no software to manage and it’s easy to set up. All services are offered on Software as a Service (SaaS) platform, and they are run outside the firewall.
How can a Customer Take Advantage of StopTheHacker?
It’s easy to implement StopTheHacker for your web hosting prevention needs; contact our sales teams today at 888-821-7888 or by email at firstname.lastname@example.org. Our expert team will work with you to examine your existing infrastructure. To relate back to our introduction: strength training helps sports performance, but it is important to remember that it is only one component of an integrated program, and in web hosting, prevention is only one of the components too. When you reach out to us, we can help you identify next steps to leverage our industry-best services with Canadian Web Hosting along with prevention tools like StopTheHacker. Prevention is key, so don't wait!
What other online tools do you use to protect your online sites? Please share your thoughts by leaving us a comment, or catch us on Twitter at @cawebhosting or on our Facebook Page. On the social side, we'll even chat with you about your favourite Olympics event.
Kevin Liang
CTO / SEO Guru
Fine-tuning a server and a website for maximum performance is not as easy as one might assume. Each day, we get questions from our web hosting customers on why their server seems to be a bit slow, or why website load times don’t seem to be optimized. More importantly, when we tell customers it is time to upgrade because their resources are maxed out, they usually look to us and ask why they need to upgrade. The purpose of this article is to give an overview of some of the common trouble areas for server performance, and also to take a look at some other potential (and less common) areas where problems can hide. Looking at these together, one can usually identify where the performance breakdown is occurring and make a better judgment on what needs to be done to improve performance.
When in doubt, add more memory. This is a common response when a customer’s server memory allocation is being completely utilized, but is this always the right answer? A lot of times when we talk to our web hosting customers about this, we need to take a deeper look at their application. Oftentimes memory issues are actually the result of a separate issue, i.e. memory leaks from poorly designed software or system flaws that are manifesting themselves as “memory” errors. This is something we actually saw with an enterprise location that we were utilizing that oftentimes would require more memory when it was clear that more memory was not the issue. So, while adding more RAM is a solution, we also need to look at the root cause of the symptom to ensure that the added expense is needed.
Wikipedia describes the CPU as the “portion of a computer system that carries out the instructions of a computer program, and its role is somewhat analogous to the brain.” While server processors like Intel’s Xeon chips are calculating an amazing amount of instructions per second, there is still a physical limit that can cause a performance issue when the operations being processed exceed the capacity. As an example, when the CPU is operating at greater than 75%, the entire system will slow down. The reason for this is that the CPU needs the ability to “burst” where the processing load will reach 100% for short periods of time.
Disk I/O, what is it? Servers come with vast storage capabilities and potential configurations to meet different types of server requirements, for example database servers and application servers. Because of this, when a server is built, several different storage factors need to be accounted for. Disk speed, RAID type, storage type and controller technology all play a significant role in what is known as Disk I/O. Regardless of the combination, there are physical limits on how much data can be put through the server, even when using top-of-the-line components. Because of this, it is important that we work with our web hosting customers to design the storage capabilities around the function of the server. Using my example above, a database server is going to need significantly more Disk I/O than a web application server, and because of this we would modify the RAID and drive types to improve that parameter.
We oftentimes get questions about whether there are network issues or other problems relating to the network that may be causing customer site issues. More than likely the answer is no, and here is why. The first reason is that our network delivers a 100% service level, meaning that it is up and running 100% of the time or you get your money back. Outside of that, the other issues that could potentially be causing problems are bad switch ports, bad cables, router configuration issues or a network card that needs replacing. One of these occurs less than once a year.
What does malware have to do with your server? Just like on a desktop or laptop, viruses and spyware can create a significant reduction in your server's performance by using your available resources to do things that in most cases you are not even aware of. To help customers with that, we deploy significant resources to combat malware, including regular scans and code updates. In addition, we are deploying a new service called “Stop the Hacker” that utilizes new technologies and helps end users safeguard their servers and enhance the security, health status and reputation of the end user's site.
Try as I might, one area that our customers don’t want to hear about is applications. Usually when I mention that the performance issues they are seeing might be related, they tell me, “No, it’s worked perfectly in the past. It’s your server.” Oftentimes the performance issues lie within the application code itself. Developers often don’t take the time to structure the application for great performance and do not optimize the code to run on the web. Nine times out of ten, the only way to fix this is to get somebody into the code to make the updates that are required. We maintain an internal development team that works full time updating and optimizing the code behind our customers' applications, but there can be less expensive alternatives, like looking for open source alternatives, implementing a proof of concept before deploying a production site, or asking your host for a test server to try your application. If you are interested in learning more about this topic, there is a great article I found (though a bit technical) that talks about some of the things that can be done to improve your application's performance.