Kia ora and welcome to the July edition of FutureLab’s newsletter!
This month, we’re putting the spotlight on the importance of security and web support. Our clients, protected under our retainer, have been safeguarded against any arising issues. However, if you’re not yet a FutureLab customer, we strongly encourage you to stay informed about the latest developments in security concerns.
In times of increasing cybersecurity issues, the importance of robust security measures cannot be overstated. The 2021 attack at Waikato Hospital serves as a stark reminder of the potential impact of cyberattacks. These outages disrupted critical hospital services and highlighted the vulnerability of essential systems to cybersecurity threats. Ensuring that your digital infrastructure is secure and resilient against such threats is crucial for preventing significant operational disruptions.
Practical steps with our hosting and security.
One of the things we are mindful as your service partner is the ongoing risk of Cyberattacks in New Zealand. With the rise worldwide and recent attacks skyrocketing since covid, local businesses and the government face the challenge of implementing strategies that lessen the risk, and deal with security threats and breaches.
LayBuy Goes Into Voluntary Administration
Recently, the popular eCommerce company Laybuy went into voluntary administration. A few of our eCommerce clients were still using the Laybuy plugin when we were notified, and we reached out as soon as we could to disable it. While the company still operates and requires customers to pay off their debts, we wanted to ensure that no one could make a payment through Laybuy, preventing our customers from losing money.
Polyfill.io Supply Chain Attack
A recent supply chain attack on Polyfill.io affected over 100,000 websites, compromising the integrity of a widely-used JavaScript library. Attackers injected malicious code, leading to potential data breaches and security vulnerabilities. This incident highlights the critical need for vigilance in managing third-party dependencies and ensuring they remain secure.
Our hosted and supported clients were all checked on Monday, the 1st of July, and a couple of them required emergency updates to replace the vulnerable link. Rest assured, we are continually monitoring and maintaining the security of our clients’ websites to prevent such issues from affecting their operations.
WooCommerce XSS Vulnerability
A critical cross-site scripting (XSS) vulnerability was recently discovered in WooCommerce, potentially allowing attackers to inject malicious scripts into vulnerable websites. This can lead to data theft, site defacement, and other malicious activities. WooCommerce has released an update to patch this vulnerability, and it is crucial for users to update their plugins immediately.
Our hosted customers, depending on infrastructure, have their plugins updated once a month. However, in instances of urgent updates like this one, we usually update plugins within the first 1-2 business days once we find out about the vulnerability. It’s important to keep your plugins and WordPress version updated at all times, whether there’s a known vulnerability or not.
Keep in contact and stay secure
Whether you host with FutureLab, are a supported retainer client, or have another digital agency supporting you, maintaining ongoing contact is essential to proactively prevent security issues. If you need support or hosting, contact us today to ensure your online presence remains secure.
Stay Connected with FutureLab Digital!
If you have any questions or need assistance, don’t hesitate to reach out to our team.
Stay tuned for more updates and tips in our next newsletter!
Warm regards,