Australian government urged to adopt global cyber security standards for cloud

The New South Wales government has asked all local, federal and state governments to adopt internationally recognized cyber security standards for cloud services.

It has also advised those governments, when evaluating proposals or tender bids, to give careful consideration to companies that adopt cyber security standards.

It further advises them to favorably evaluate proposals from companies that are adopting other risk standards for telecommunications and the internet of things (IoT).

The NSW cyber security made this recommendation, along with several other suggestions, in a 16-page report.

The recommendations for standards development and implementation have been separated into seven key areas: cloud, defence, education, energy, financial services, health and telco and IoT. 

The report particularly includes all relevant points related to cyber security. In the cloud area, the report urges governments to “adopt and leverage recognized ISO and/or IEC standards as baseline requirements for information security”.

The report said that standards could be placed within “any regulatory frameworks or procurement models proposed in relation to cyber security”. 

The report also recommends that all businesses and governments should develop material that “clearly communicates any business benefits around that adoption of standards”. 

The report also points out that international standards should be followed in the event that a principles-based approach is adopted.

The report also highlights the standards around cyber security, including IoT security specifically, and risk management. 

All businesses should definitely follow the recommendations, and in case you are looking for secure web hosting services, IT Consultants are always available to provide the best web hosting that is not only secure but fast as well.

2021 Brings Best WordPress e-commerce plugins!

The previous year, 2020, taught us many things, locking us down and making us turn to the internet. For the first time, it’s not a bad thing and even better for online businesses.

Through managed WordPress Hosting, plugins can help you grow your online business sales. These plugins can also help you to set up the kind of business you want to run.

In order to help you grasp this knowledge in the simplest way, we have narrowed it down to the 5 most important plugins that can help you grow your online business.

  • Easy Digital Downloads:

EDD is one of the best plugins to use for selling digital products online. You can have the free WordPress plugin and will only have to pay for the services.

Its installation process is very easy and you can start adding your items right away. The plugin also allows you to enjoy several useful features, such as add to cart, pop-up, free downloads, PDF invoices and printing.

  • Ecwid Ecommerce Shopping Cart:

The e-commerce world is not only about digital products; you can further enhance your global reach by selling physical, tangible products.

Ecwid allows you to start selling physical products online. Another big advantage of Ecwid is that it is not a plugin, which means that apart from WordPress, you can sell products on any platform.

  • Shopify

Even if you are not tech savvy, Shopify handles everything for you, from setting up your online shop to assisting you with how to sell your products. It is not a plugin, so you can use it outside of WordPress as well. IT Consultants offers the best WordPress hosting and also offers online store services to help you increase your global reach via the internet.

  • WP EasyCart

It is an affordable WordPress plugin for all businesses that want to see their products online. It offers absolute support in setting up and handles all the hard work by itself. Through WP EasyCart, you can sell all kinds of products, including physical products, digital products and digital downloads such as videos and audio. You can also sell subscriptions and gift cards, and can also ask for donations from this platform.

  • WooCommerce

It is one of the most popular plugins available for e-commerce. It offers you complete customization and the plugin itself is free.


Major security flaws found in Dell Wyse ThinOS

Technical issues are very common when any sort of system or device is developed. According to recent findings, two critical vulnerabilities have been found in Dell’s Wyse thin clients. These vulnerabilities could easily be exploited by an attacker to run malicious code and gain access to arbitrary files.

Compared to old PCs, small form factor PCs have now grown more powerful. In recent years, a lot of organizations, most commonly the ones in the healthcare industry, have turned to thin clients in order to fulfill their computing needs.

Why do they choose thin clients?

Many organizations choose to turn to thin clients because they take up far less space than a traditional desktop PC. Dell Wyse thin clients are one of the popular choices among enterprises and it’s estimated that over 6,000 organizations have deployed them on their networks, hence network monitoring is an added factor that all enterprises need.

The two critical vulnerabilities, tracked as CVE-2020-29492 and CVE-2020-29491, reside in ThinOS, the OS that Dell ships. ThinOS can also be maintained remotely, and the Austin-based company mentions that users set up an FTP server for its Wyse devices in order to download updates, including firmware, packages and configurations.

However, cybersecurity firm CyberMDX, which focuses on the healthcare sector, found that accessing almost a dozen Dell Wyse thin clients via FTP was possible with no credentials by using an anonymous user profile. According to their findings, only the firmware and packages are signed, which clearly means that an attacker can use the INI configuration files to target vulnerable machines.

In recent times, we are all facing malware and cyberattacks, and we really want our websites and confidential files to be protected from attackers. IT Consultants are always working for better IT solutions along with providing technical support to their clients.

FTP access is possible without credentials on some Dell Wyse thin clients

Google’s acquisition undertaking for Fitbit buy failed to gain Australian Regulatory Support

Eight months ago, we saw the news circulating that Google had gobbled up fitness tracker firm Fitbit, worth $2.1 billion.

Google is planning to acquire Fitbit, but it still needs to assure Australian regulators that their acquisition won’t cause any sort of competition or privacy issues. Unfortunately, their draft was knocked back by the court.

The company, which is looking to buy Fitbit for US$2.1 billion (A$2.77 billion), was able to win EU antitrust approval last week. However, the transaction is yet to be cleared by authorities in the US and Australia.

Google had submitted a “long-term behavioural undertaking” at the end of last month, i.e. November, in order to address concerns raised by the Australian Competition and Consumer Commission (ACCC).

The undertaking included certain important points concerning how Google will behave “towards rival wearable manufacturers” and further included a commitment not to use health data for advertising.

But the ACCC rejected the draft undertaking on Tuesday, as its analysis was that it would be difficult to monitor for compliance.

Apart from rejecting the “current proposed undertaking”, the ACCC also extended the date to 25 March 2021 in order to continue its investigation and consider its legal options.

One of the spokespersons of Google Australia said that the company was “disappointed at this delay.” Gmail hosting is massively used in the corporate world, has a huge market share and is well known for quality services and good reputation.

According to relevant sources it is evident that “The acquisition may result in Google becoming the default provider of wearable operating systems for non-Apple devices and give it the ability to be a gatekeeper for wearables data, similar to the position it holds for smartphones which licence the Android operating system.”

Along with Apple devices and Android operating systems, all smartphones definitely need mobile applications.

The final decision will be taken at the end of March 2021.

Contact Form 7 Vulnerability Found in +5 Million Sites – WordPress

Recently, an alarming situation has been discovered in the tech world. A vulnerability has been found in Contact Form 7 that allows attackers to upload malicious scripts on several sites, including WordPress.

Although the publishers of Contact Form 7 have taken serious action immediately to fix this issue, only a few versions of Contact Form 7 are updated and the rest of them are still going to face a serious vulnerability. Some of the common vulnerabilities detected are:

Unrestricted File Upload Vulnerability

As we know, it is used as a WordPress plugin, and the unrestricted file upload vulnerability found in it allows attackers to upload a web shell that enables them to take control of the site and even tamper with a database.

It is noticeable that Contact Form 7 has called its latest update an “urgent security and maintenance release.”

According to Contact Form 7:

“An unrestricted file upload vulnerability has been found in Contact Form 7 5.3.1 and older versions.

Utilizing this vulnerability, a form submitter can bypass Contact Form 7’s filename sanitization, and upload a file which can be executed as a script file on the host server.”

An additional detail shared by the official WordPress plugin repository for Contact Form 7 regarding the vulnerability is:

“Removes control, separator, and other types of special characters from filename to fix the unrestricted file upload vulnerability issue.”

As we know, filename sanitization is used to block certain file names and allow only a restricted list of file names. In the case of Contact Form 7, there was an issue with this functionality, and it created a situation in which unauthorized or dangerous files were automatically allowed.
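The kind of sanitization the changelog describes can be sketched as follows. This is an added example, not Contact Form 7's code, and it is written in Python rather than the plugin's PHP; the function names, the allowlist and the special-character set are assumptions made for illustration. It strips control, separator and special characters first, and only then checks every extension in the cleaned name against an allowlist.

```python
import unicodedata

# Assumed upload policy for this example (not Contact Form 7's defaults).
ALLOWED_EXTENSIONS = {"pdf", "png", "jpg", "jpeg", "txt"}
# Characters with special meaning to file systems, shells or URL parsers.
SPECIAL_CHARS = set('/\\:*?"<>|;&$#%\'`')


def sanitize_filename(raw: str) -> str:
    """Drop control, separator, format and special characters from a name."""
    kept = []
    for ch in unicodedata.normalize("NFC", raw):
        category = unicodedata.category(ch)
        # Cc = control, Cf = invisible format, Z* = space/line/paragraph separators
        if category in ("Cc", "Cf") or category.startswith("Z"):
            continue
        if ch in SPECIAL_CHARS:
            continue
        kept.append(ch)
    # Leading or trailing dots would give hidden files or an empty extension.
    return "".join(kept).strip(".")


def validate_upload_name(raw: str) -> str:
    """Return the cleaned name, or raise ValueError if it must be rejected."""
    name = sanitize_filename(raw)
    stem, _, suffixes = name.partition(".")
    if not stem or not suffixes:
        raise ValueError("missing file name or extension")
    # Strict policy: every dot-separated suffix must be allowlisted, so a
    # name cannot carry a script extension in front of a harmless one.
    for ext in suffixes.lower().split("."):
        if ext not in ALLOWED_EXTENSIONS:
            raise ValueError(f"extension not allowed: {ext!r}")
    return name


if __name__ == "__main__":
    # Constructed sample names, not taken from any real submission.
    for sample in ["inv\x00oice\t2021.pdf", "scan\u2028.png", "photo.php.jpg"]:
        try:
            print(repr(sample), "->", validate_upload_name(sample))
        except ValueError as err:
            print(repr(sample), "-> rejected:", err)
```

The extension check runs on the cleaned name, so the name that is validated is the same name that is written to disk.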

All sites using Contact Form 7 need to update immediately in order to tackle this situation, and if you want to avail of protected WordPress Hosting by our well-experienced IT Consultants, just give us a call.