Monthly Archives: February 2014

24 02, 2014

Data (In)Security

03oudated_WP01-300x225

In the world of website content management systems, WordPress is king.  As far back as 2012 Fortune magazine anointed WP  rulers of Web and now their number of installed platforms exceed 70 million. So a logical question is “What does it mean to be one of 70 million in terms of website security?”

Well, in cyber-security as in many industries, Shakespeare’s line “Uneasy lies the head that wears a crown” is often applicable.  So it’s important to recognize that dominant market share makes an inviting target for criminals.  Exploit writers follow the money which, for them, lies in hacking vulnerable website code.  The more vulnerable applications in distribution, the more profit they see.

Hackers use WP sites – revenue-generating and fan-based alike – to carry out criminal activity ranging from malware distribution to data theft and more.  At 6Scan, we see an inordinate number of sites unwittingly inviting attacks with virtual “Hack Me” signs.  Of the WP sites on our scanning platform (as of January 17, 2014) fewer  than 20% were using the current version (3.8) and approximately 25% run versions that are more than one year out of date (see chart for full break out.)  Hackers love out-of-date applications, which they regard as low-hanging fruit, becuase their vulnerabilities are well known and exploit packages are available for purchase. So before doing anything else, 6Scan urges WP site owners and administrators to install the latest version of WP.  Strengthening sites across the board – all types – is good for the individual as well as the WP community in general.

 

23 02, 2014

Security and Simplicity

We’re excited to announce the addition of  Gregor Freund as a 6Scan board advisor. Gregor, who was also a participant in our most recent funding round,  brings tremendous security insight and experience as 6Scan  continues to grow (250,000+ active websites!) and expand our services.

I’ve known Gregor since 2000, when he was running Zone Labs out of an office jammed between a reggae club and a highway off-ramp.  Gregor had positioned the company as a pioneer in desktop firewalls and freemium security. I was taking on the challenge of expanding the free user base and driving conversion to paid products (some details in this video). Over the next 4 years, Gregor grew the company to 200 employees before selling the business to Check Point.

I learned a lot at Zone Labs, the most enduring lesson being the importance of simplicity. At 6Scan our community is not based on security expertise, it’s based on passion. Our users are passionate about their businesses, their interests and their opinions – and their websites reflect that. And that’s what drives us – simplifying an essential and often complex process so our users can focus on running their businesses. Our community shouldn’t be distracted by security (nor from being victimized by cyber criminals). And that’s our goal in 2014, to keep it simple and, whenever possible, keep it free.