Categories
Articles

Defend your business from modern-day cyber attacks with these 3 tips

Unknowingly clicking on an email attachment containing malware has the power to corrupt your entire system and wipe out all of your highly sensitive data.

Now that’s frightening.

Cybercriminals are now finding more ways to steal money, highly sensitive data, and interrupt your business operations. That is why it’s crucial for you to protect your business and your customers from these types of threats.

Allow us to share with you three tips that you can use to defend your business from modern-day cyber attacks.

Let’s begin.

1. Perform Security Testing

One of the best defenses against cyber-attacks is to set up a defense mechanism that will detect threats before they even happen. You can do that by identifying vulnerabilities in your system.

Some vulnerabilities might only appear after a cyber-attack simulation or a test run, and this is why security testing is an essential factor in establishing the online security of your business.

For instance, one way of securing your website is by restricting access to specific pages through secure data access by catalog permissions.

Your web hosting and content management systems (CMS) should also be tested for possible security cracks that hackers can slip through.

You can work with third-party cybersecurity services like Bulletproof to help you with vulnerability assessment and penetration testing.

With cybersecurity features like hack simulations and a review of your firewall infrastructure, operating system, and server, this helps you identify system vulnerabilities that you need to fix and determine the level of risk to cyber-attacks.

Keep in mind that as your network changes and grows, so will the new and more sophisticated cyber-attacks. It’s because of this that you need to run vulnerability assessments as part of your first line of defense, and long-term cybersecurity game plan.

Suggested read: Acronis and ZNet Technologies join forces to equip partners with innovative cyber protection solutions

2. Guard Against Zero-Day Attacks

If you think that cybersecurity companies are the only ones fighting off cybercriminals, then think again. Even software developers are hard at work to protect their security solutions from cyber-attacks.

After all, the security and safety of their products can have a significant impact on retaining their customers, and this is why sellers include security patches in their solutions through regular software updates.

Security patches are intended to detect and fix vulnerabilities in your security system in the older software versions.

The first approach you should take should be to update your security software and applications regularly to keep yourself protected.

However, there is a kind of cyber-attack that even regular software updates have difficulty stopping, and that is zero-day attacks.

Zero-day attacks target and exploit security vulnerabilities as soon as they’re detected, not allowing software developers and security companies enough time to respond.

This type of attack is one of the most dangerous threats to your business and your customers.

The challenge, however, is remembering to regularly update your security software and apps as soon as they are available.

A sure-fire way to never miss your updates is to use apps to manage software patches automatically.modern-day cyber attacks

Here are some other tips to help you mitigate exposure to the risks that zero-day attacks pose:

  • Exercise safe browsing habits to minimize the dangers of cyber-attacks such as malware, spyware, virus, ransomware, etc. and protect your personal information.
  • Configure the security settings for your internet browser, security software, and operating system.
  • Always check for security patches and software updates by downloading the most recent versions. Doing so will fix bugs that older software versions might have missed.
  • Avoid downloading or opening files and attachments from unknown sources.

However, there might not be a fail-safe method to stop zero-day attacks, but a way to nullify its impact is by using Security Information and Event Management (SIEM) services.

SIEM services offer 24/7 incident response, real-time monitoring, and lets you see a full picture view of your network by collecting the security log data from host operating systems, many software elements and applications, and security controls.

SIEM can also analyze substantial security log data to detect potential attacks and security threats.

3. Protect from Man-in-the-Middle Attacks

A Man-in-the-Middle (MitM) attack is a term for a kind of cyber-attack wherein cybercriminals intercept the conversation between two parties, usually an application and a user, with the purpose of eavesdropping or impersonating either one of the parties.

This type of attack aims to make the exchange of information between the two parties appear normal and steal highly sensitive details such as credit card numbers and login credentials.

Stolen information from MitM attacks can be used for unauthorized fund transfers, illegal password changes, and identity theft (among other things), which is why common targets are users of ecommerce sites, financial applications or websites where a login is required.

So, the best course of action is to protect your information from being stolen during an MitM attack by using encryption.

Encryption keeps data theft from happening by turning readable data into a code, and a decryption key can only decode this.

Another way to protect your business using encryption is with SSL certificates, and you’ll know a website has one if it shows HTTPS instead of HTTP.modern-day cyber attacks

SSL certificates secure connections and encrypt the information (payment details, passwords, etc.) that are exchanged on your website.

For ecommerce sites, it can also build customers’ trust since savvy users know that transacting with websites that have SSL certificates will keep their personal information safe.

Here are additional tips to keep your business and personal information, devices, and connections protected from MitM attacks:

  • Wi-Fi networks. To keep your Wi-Fi network secure, make strong passwords using as many unique characters as possible for your router and update usernames and passwords, plus all the devices that are connected to the network.
  • Internet Security. MitB attacks are typically executed by releasing malware, so installing internet security solutions is a great way to detect and prevent this kind of threat.
  • Emails. Emails are also common modes of virus and malware delivery. Exercise caution when opening emails that ask you to reset or update your login credentials and avoid clicking on links and downloading attachments.modern-day cyber attacks

To be on the safe side, instead of opening the link within the email, manually type in the site address in the browser.

  • Public Networks. Never connect directly to public or unsecured networks.

Install a VPN or virtual private network to ensure that the connection between your server and browsers is secure.

It’s crucial to understand how man-in-the-middle attacks happen so you can take the necessary steps to prevent them from happening and protect your highly-sensitive information.

What’s Next?

As a business owner, one of your top priorities is to invest in the security of your business assets and customers from various cyber threats.

The tips discussed here are just three out of the many strategies you can equip yourself to bulletproof your business against modern-day cyber-attacks.

If you found this article useful, feel free to share it.

Categories
Newss Wordpress

WordPress latest release fixes critical cross-site scripting vulnerability

With the release of WordPress 5.1.1, the developers behind the platform have fixed critical cross-site scripting (XSS) vulnerability and introduced several fixes and enhancements.

The XSS vulnerability in WordPress existed in the way comments are filtered and then stored in the database. With a maliciously crafted comment, a WordPress post was vulnerable to cross-site scripting.

Cross-site scripting can allow attackers to inject malicious scripts into webpages and bypass access controls. This flow in WordPress was discovered by Simon Scannell of RIPS Technologies.

In a blog post, he explained the way attacks could take place, “An attacker can take over any WordPress site that has comments enabled by tricking an administrator of a target blog to visit a website set up by the attacker.”

“As soon as the victim administrator visits the malicious website, a cross-site request forgery (CSRF) exploit is run against the target WordPress blog in the background, without the victim noticing. The CSRF exploit abuses multiple logic flaws and sanitization errors that when combined lead to Remote Code Execution and a full site takeover.”

WordPress versions 5.1 and earlier are affected by this vulnerability. It has been fixed in v5.1.1. Updated versions of WordPress 5.0 and earlier are also available for any users who have not yet updated to 5.1.

Also read: Top Managed WordPress Hosting Providers of 2019

Other than this, WordPress also mentioned a number of more highlights with the latest release. Hosts will now be able to provide a button to their users using which they can update PHP. They can also filter the recommended PHP version used by the ‘Update PHP’ notice.

Categories
News

Romantic Phishing is on the rise – How not to lose your money while losing your heart

Phishing is one of the most popular and easiest social engineering techniques to exploit online users

Kaspersky Lab experts have detected a sharp increase in phishing activities from criminals offering users various romantic goods on the eve of St. Valentine’s Day. The total number of user attempts to visit fraudulent websites with a romantic theme that were detected and blocked during the first half of February more than doubled compared to the same time in 2018, a reminder that fraudsters are always looking for an excuse to steal users’ data and money.

Phishing is one of the most popular and easiest social engineering techniques to exploit online users. It is a type of fraud where criminals use deception to acquire users’ credentials – from passwords to credit card numbers, bank account details and other financially important information. Phishing emails and websites usually come disguised as legitimate ones that encourage a recipient, for one reason or another, to urgently enter their personal data. They are often fueled by the news agenda, be it major sport event or thematic holidays. St. Valentine’s Day is no exception.

The overall number of user attempts to visit fraudulent websites that were detected and blocked by Kaspersky Lab solutions in the first half of February 2019 – the days leading up to February 14th – dramatically peaked from over two million in 2018 to more than 4.3 million this year. According to statistics, the most affected countries were Brazil (a more than 6.4% share of detections), Portugal (more than 5.8%), and Venezuela (5.5%). They were followed by Greece (5.3%) and Spain (5.1%).

Deeper analysis into the sent emails has shown that fraudsters are particularly exploiting pre-order gift items and performance enhancing drugs as a trap to lure users into sharing their credentials in order to please their loved ones. This again proves the findings of Kaspersky Lab’s own survey, indicating that when it comes to love, users tend to lose their vigilance.

“Our research has shown that there is no difference between phishing activities exploiting major sporting events, fake payment bills, or a more romantic pretext. They all just need to drive users’ emotions, be it excitement, stress, or love. Thus, almost anything can become an attack tool in the cyber fraudsters’ hands. The detected spike reminds us that we should always be cautious when surfing the web even we are just buying flowers for our loved one,” warns Andrey Kostin, Senior Web-Content Analyst at Kaspersky Lab.

Also read: Kaspersky Lab moving core infrastructure from Russia to Switzerland; opening first Transparency Center

Kaspersky Lab advice for staying safe:

  • Phishers often exploit emotions – including those connected with relationships and love. Signs that there could be phishers aiming to exploit your romantic expectations include messages that demand immediate action, ask for vast amounts of very personal and seemingly irrelevant information, or which simply sound too good to be true.
  • Pay extra attention to emails promising ‘one time only’ offers or various goods for free. If emails come from people or organisations you don’t know or have suspicious or unusual addresses think twice before opening. Do not click on links until you are sure that they are legitimate and start with ‘https’, especially when any personal or financial information is asked for.
  • Have a separate bank card and account with a limited amount of money, specifically for buying flowers or making a table reservation. This will help to avoid serious financial losses if your bank details are stolen.
  • Use a reliable security solution with anti-phishing and secure payment capabilities, such as Kaspersky Security Cloud.

SOURCE: Kaspersky

Categories
Newss Web Security

Sectigo to protect enterprises in Middle East against rising cyberthreats

Sectigo (formerly Comodo CA) is looking to protect enterprises in Middle East against phishing, business email compromise (BEC), and other web security threats.

As a part of this, the company has expanded collaboration with its partners in Middle East, which includes BroadBITS, Checksum Consultancy, and Hayyan Horizons.

Sectigo will now deliver web security solutions and consultancy services to enterprises in Bahrain, Dubai, Kuwait, Jordan, Oman, Saudi Arabia, Qatar, and United Arab Emirates. These solutions will modernize the digital identity strategies and help enterprises reduce cybersecurity risks.

“Business email compromise (BEC) attacks are on the rise. In 2018, spoofing or BEC attacks rose 250 percent and spear-phishing attacks in companies saw a 70 percent increase (IndustryWeek),” explained Victor Schooling, Regional Director, Middle East and Africa, Sectigo.

“Organizations throughout the Gulf States and Jordan are eager for email encryption and digital signing solutions that minimize these and other risks. We’ve chosen our initial Middle East partners for their excellent reputations and commitment to addressing important cybersecurity challenges.”

The cybersecurity solutions available to enterprises in Middle East will include Sectigo Certificate Manager, Secure Email Certificates (S/MIME), and Sectigo Private CA.

Sectigo Certificate Manager is a cloud-based platform that allows customers to manage, public, private and IoT device certificates from a single platform. It comes with required tools, support, and capabilities that can help in minimizing risks, respond to threats faster, and optimize operational costs.

“Expired certificates can be incredibly costly to a company,” added Naveed Ahmed, General Manager, BroadBITS.

“By offering Sectigo Certificate Manager, we are helping clients prevent incidents like Ericsson’s global outage in December, which resulted in UK mobile carrier O2 seeking millions in damages.”

The Secure Email Certificates (S/MIME) is going to help in combatting BEC attacks. The solution digitally signs and encrypts email communications across the enterprise. It supports top email apps such as Microsoft Outlook, Exchange, mobile operating systems, etc.

“Checksum is dedicated to ensuring that information security enables businesses to advance their digital strategy. Sectigo innovations, such as its Zero Touch S/MIME solution, will greatly help CIOs and IT managers save time and money through efficient and effective cybersecurity administration,” said Mohamed Omar, Principal Consultant at Checksum Consultancy Co.

Whereas, the Sectigo Private CA allows enterprises to create their own private root certificates. These root certificates can be used to issue private and end-entity certificates for internal servers, users and devices, while meeting compliance requirements of corporate and industry.

Also read: Revamped Sectigo Channel Partner Program offers increased profitability and visibility to partners

“We have found Sectigo a great partner to work with. The company’s offerings are proven and strong, and we appreciate the team’s dedication,” said Ali Tamimi, Founder and Managing Director, Hayyan Horizons.

In September last year, Sectigo had also joined hands Korea Information CA to expand partnership in Asia and offer digital web security solutions in Vietnam and Indonesia.

Categories
Newss

Plenty of plugins and PHP libraries disabling TLS validation, leaving sensitive data at risk

A massive number of websites today are powered by PHP and content management systems like WordPress, Joomla and Drupal. These sites come with plugins to provide functionalities and improve user experience.

However, a large number of such plugins and PHP libraries are restricting the SSL/TLS certificate validation on websites. This is leaving websites and their customers open to risk of data breach.

This issue was discovered by Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprise.

“The issue lies between the webserver and other webservers,” explained Scott to Daily Host News.

“For example, if you submit your credit card number to shopping.example.com and it forwards it to an Authorize.net gateway to process the transaction, if the server-to-server link between shopping.example.com and the ANet gateway isn’t secured with properly-configured HTTPS, attackers between the two sites can slurp up credit card numbers. This attack would be completely invisible to end users, too.”

He said that websites are using many of these plugins and libraries to set connection to servers of payment providers. These servers handle financial transactions and transmit confidential user data like credit card details.

“This exposes you to extremely trivial man-in-the-middle attacks. All the intercepting proxy needs to do is offer a self-signed certificate and PHP will just trust it,” wrote Scott, in a blog post.

The issue exists in the way creators of these plugins and PHP libraries configure their code, especially in cURL options. The cURL is used to transfer data between remote servers. It is used by plugins and PHP libraries for several purposes like downloading, sending, and uploading data to remote servers.

The following code snippets exists in a PHP file that uses cURL extension.

  • curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
  • curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

Scott discovered that developers of these plugins and libraries are setting cURL to false rather than true, in snippets of code.

“If you disable this check, you’re opting out of the Certificate Authority infrastructure, which means you’ve elected to blindly accept self-signed certificates,” added Scott.

The developers are setting code to false to avoid security-related errors on the servers of customers. Users might not like a plugin that causes errors to servers. Hence, the developers unknowingly disable SSL validation.

Also read: Websites running PHP 5 will be vulnerable to attacks in just a couple of months

To address the issue, Scott has introduced a new open source software library called Certainty. It keeps the cacert.pem file always up to date, even when the webserver is misconfigured.

Categories
Articles Cloud Cloud News Newss

Organizations have 14 misconfigured public cloud services running at any given time: McAfee study

On average, an organization experiences over 2,200 misconfigured incidents every month in their public cloud instances, according to a report by McAfee. These cloud instances include infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS).

For the report, titled Cloud Adoption and Risk Report, McAfee analyzed billions of events in anonymized cloud production use to find the current state of cloud deployments and expose risks.

“Operating in the cloud has become the new normal for organizations, so much so that our employees do not think twice about storing and sharing sensitive data in the cloud,” said Rajiv Gupta, senior vice president of the Cloud Security Business, McAfee.

“Accidental sharing, collaboration errors in SaaS cloud services, configuration errors in IaaS/PaaS cloud services, and threats are all increasing. In order to continue to accelerate their business, organizations need a cloud-native and frictionless way to consistently protect their data and defend from threats across the spectrum of SaaS, IaaS and PaaS.”

Key findings of McAfee’s Cloud Adoption and Risk Report:

  • 21% of data in cloud is sensitive

According to the report, organizations consider around a quarter of their data in the cloud as sensitive. This shows that putting sensitive data in cloud has increased by 53% year over year. Organizations are at risk of the sensitive data being stolen or leaked in case a misconfigured cloud incident occurs.

Today, more and more organizations are using public cloud for providing new digital experiences to their customers. But the organizations that haven’t adopted a cloud strategy are at risk of losing their most valuable asset. A right cloud strategy can include data loss protection, configuration audits, and collaboration controls.

Further, organizations without cloud strategy are also exposing themselves to risk of noncompliance with internal and external regulations.

  • 20% of sensitive data in cloud runs through email services

No doubt, the cloud services help organizations accelerate their business by making the more agile with resources, offering ability to scale and opportunities for collaboration.

Cloud services like Office 365 increase the effectiveness of collaboration, that involves sharing. However, uncontrolled sharing can result in data exposure. The report found that 22% of cloud users share files externally, an increase of 21% YoY.

Sharing of sensitive data with an open, publicly accessible link has increased by 23%, whereas, sensitive data sent to personal email address has increased by 12% YoY.

Top collaboration and file sharing services

For last five years, an Office 365 application is dominating the list of top 10 collaboration services, followed by G Suite services.

  • Enterprises using IaaS and PaaS had 14 misconfigured services running at any given time

Currently, 65% organizations globally are using some form of IaaS, while 52% are using PaaS.

Since, it is costly to buy and maintain servers, organizations go for IaaS and PaaS. It gives IT teams the ability to spin up virtual machines, containers or functions as a service, as per the need.

For IaaS and PaaS, organizations are trusting Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) the most. AWS clearly leads the pack with 94% of all IaaS usage share. Azure and GCP account for 3.7% and 1.3% shares respectively.

Additionally, 78% of organizations are using a multi-cloud strategy, leveraging both AWS and Azure together.

McAfee study found that on average, enterprises using IaaS and PaaS had 14 misconfigured services running at any given time, resulting in an average of 2,269 misconfiguration incidents per month.

  • 80% organizations experience at least 1 compromised account threat per month

As per the report, most of the threats to data in cloud results from compromised accounts and insider threats. On average, an organization generates over 3.2 billion threat events per month in the cloud. These threat events include compromised account, privileged user, insider threat etc. Such events have increased by 27.7% YoY.

80% of all organizations report that they experienced at least one compromised account threat per month. Whereas, 92% of organizations has stolen cloud credentials for sale on the Dark Web.

Also read: 25% of businesses had their data stolen from public cloud: McAfee Study

For security of sensitive data in cloud storage, file-sharing and collaboration applications, enterprises will need to first understand the cloud services they are using. Further, they must identify which services hold sensitive data, and how that data is being shared and with whom.

When they know these things, they can push suitable security policies to prevent highly sensitive data from being stored in unapproved cloud services. They also need to continuously audit and monitor their IaaS and PaaS configurations.

Download the full Cloud Adoption & Risk Report here.

Categories
Newss

Websites running PHP 5 will be vulnerable to attacks in just a couple of months

78.9% of all the websites are currently using PHP, according to W3Techs. Further, 61.8% of these websites are running PHP version 5. What’s alarming about these stats is that PHP will stop providing security support for PHP 5 from 31 December 2018.

2019 will begin as a bad year for users who keep on running PHP v5 for their websites. The PHP v5 is around a 14-year old release, which is still used widely. But, the time to upgrade has come.

After 31 Dec, if the users continue to run the outdated version of PHP, they wouldn’t receive security updates for websites and underlying technology. This will leave their websites open to cyberattacks.

PHP community had decided on stopping security updates for PHP 5 last year itself. But PHP 5.6 became the most-used version then, and the community postponed the decision to this year.

Currently, WordPress, Joomla and Drupal are the top website providers. But it seems like only Drupal has taken the security seriously. It will require users to have minimum PHP 7 to run the website from March 2019.

On the other hand, Joomla asks for minimum PHP 5.3, and WordPress has set minimum requirement of PHP 5.2. It’s well-known that around one-third of the websites today are powered by WordPress. Since, the users aren’t forced to upgrade to newer versions, they keep on using the old versions.

“The biggest source of inertia in the PHP ecosystem regarding versions is undoubtedly WordPress, which still refuses to drop support for PHP 5.2 because there are more than zero systems in the universe that still run WordPress on an ancient, unsupported version of PHP,” Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprise, told ZDNet in an interview.

Also read: Microsoft re-releases Windows 10 October Update following reports of missing files

To avoid the risks of being exposed to attackers, website owners need to upgrade their website, libraries, server platform, and every web-related thing. They should run their site with PHP 7, without giving it a second thought.

Categories
News

Mozilla moves its DNS over HTTPS protocol testing to Beta phase

Mozilla Firefox is all set to test DNS over HTTPS feature on its beta channel.

As an effort to safeguard user security, web browser Mozilla began experimentation with DNS (Domain Name System) in early June 2018. The new experiment revolved around DNS over HTTPS (HyperText Transfer Protocol Secure) protocol – which uses encryption to secure the DNS requests and responses. In August, the web browser carried out several tests in the Nightly channel to see whether the new protocol had any impact on the browser speed and performance. After a successful test, the company is now planning to test this technique on their beta channel.

DNS over HTTPS aims to address the data leak vulnerabilities that exist when data is exposed in DNS and by recursive resolver, when it searches for any IP address or domain. Mozilla hence launched two new features – Trusted Recursive Resolver (TRR) and DNS over HTTPS (DoH) to fix these vulnerabilities.

Data can be at risk if the operating system uses an untrustworthy resolver that can tamper the response or even track user requests like on-path routers. DoH will protect user data against on-route tampering and eavesdropping. Mozilla also said that it has been working with Cloudflare on this, which is providing a recursive resolution service with pro-user privacy. Cloudflare’s service removes all personally identifiable data between every 24 hours, to ensure that no data is passed along to any third party.

Mozilla added the DoH support to Firefox 62, but not as a default setting. Users need to configure the settings in their browser system.

The August survey results revealed minor performance impact when using HTTPS with a cloud service provider, on non-cached DNS queries. The queries were slower by six-milliseconds, which per the testing team was an acceptable cost for all the benefits it could bring in terms of securing user data. The results also found that the slowest DNS transactions could now perform better with the DoH feature than the traditional ones.

Image Source: Mozilla

We hypothesize the improvements at the tail of the distribution are derived from 2 advantages DoH has compared to traditional DNS. First, is the consistency of the service operation – when dealing with thousands of different operating system defined resolvers there are surely some that are overloaded, unmaintained, or forwarded to strange locations. Second, HTTP’s use of modern loss recovery and congestion control allow it to better operate on very busy or low-quality networks.” – per the company blog.

The Beta Channel experiment will also use Cloudflare’s DoH service. The company will be releasing an initial rollout to selected beta users in the United States following September 10.

Categories
Newss Web Security

Comodo CA and Korea Information CA expand partnership in Asia

Comodo CA and Korea Information CA (KICA) are expanding their partnership in Asia, to offer digital web security solutions in Vietnam and Indonesia.

KICA is a prominent certification authority in Asia, while Comodo CA is a global leader in digital web security solutions. The partnership will help both the companies to further expand their footprints in the region.

As a part of the partnership, Comodo CA will be able to leverage localized sales and support of KICA in Asia to reach more enterprises and customers and offer web security services.

“KICA has strong relationships throughout Asia and specifically in emerging geographical regions primed for rapid adoption of digital web security solutions,” explained Michael Fowler, President Channels and Partners, Comodo CA.

“Through our partnership, Comodo CA is well positioned to further extend our offerings throughout new regions within Asia and benefit from KICA’s leadership in integrated authentication.”

On the other hand, KICA will now exclusively provide Comodo CA’s TLS/SSL certificates to enterprises in Vietnam, Indonesia and Republic of Korea.

“We have historically had great success with our Comodo CA partnership, enabling us to sell high volumes of digital certificates to organizations of all sizes, across many industries,” said Mr. Sangjun Kim, CEO of KICA.

“The expanded relationship enables KICA to exclusively offer a variety of certificates from the world’s largest and longest-standing CA.”

TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are security protocols, used to establish a secure link between a web server and a web browser. Enterprises need TLS/SSL certificates to implement these protocols.

Importance of these certificates have increased all the more for enterprises as Google now marks all the websites without SSL as ‘not secure’. The ‘not secure’ warning tells the website visitors that the website doesn’t encrypt the connection, hence the confidential information submitted on the site is not secure.

Also read: 400 million unique malware samples detected globally in Q2 2018: Comodo Global Threat Report

Last month, Comodo CA acquired website disaster recovery leader CodeGuard to expand its offerings and help enterprises with one-click restore for website issues.

Image source: Comodo

Categories
Cloud Cloud News News

Website backup tool: eBackupper hits version 1.0

eBackupper, a SaaS-based online data backup program developed by AOMEI Technology, recently hit version 1.0. It allows users to backup their websites and databases to cloud, and safely restore them whenever required.

The webmasters can also back up the sites and databases to their own cloud drives. For this, all they need to do is create a free account. It currently supports Google Drive, Dropbox, and OneDrive. Support for more cloud services and new features will be added in future, said eBackupper.

Importance of Website Backups

Nowadays, the management of website has become easier than ever. But the website security still remains a concern. The websites can get hacked, break after an update, or an accidental deletion can happen. It would be a nightmare for the site owners if they don’t have the backup.

Also, the accidental deletion can happen from the end of your web hosting provider. This can lead the site owners to start the website from scratch. Moreover, it is reported that more than 40% of small and medium businesses don’t back up their data. This is a serious concern.

Having a backup of the data is the easiest way for data protection that allows users to turn back the clock. eBackupper allows users to schedule the backup and data will be automatically backed up to cloud.

Features of eBackupper

  • One-click website backup: The eBackupper backs up the website to cloud with just a click. It currently supports FTP and SFTP.
  • Back up Database to Cloud: It creates complete backup of database and store the copy in cloud.
  • Reliable Restore: It allows users to restore the website and database whenever required.
  • Support All Devices & OS: Along with support for desktop devices, it also works well with several operating systems like Windows, Linux, Apple iOS, Android, etc.
  • Email Notification: It notifies the user via email about the completion of backup task, and also if the task encounters some error.
  • Customized Backup Settings: It also allows users to back up and restore the selected files as per need, schedule automatic backups, etc.

Also read: ZNetLive rolls out Acronis Backup Cloud to provide businesses with constant data availability in changing threat landscape

Other than these, the eBackupper also features database migration, management of sources and destination clouds, restore logs, and download the backed-up file from cloud.

The eBackupper 1.0 is now generally available.

Image source: eBackupper

Page 1 of 7
1 2 3 7