SEO Backlinks Can Damage your Sites SEO Optimization with Search Engines

SEO is very important, unfortunately one of the main problems we run into with our customers is that some giant companies are still selling SEO backlinks services, where they go around the web posting links to your website and call it SEO.

 

This is not helpful, it is in fact quite damaging, fortunately the SEO damage can be reversed but it takes time to fix the SEO damage and put proper search engine optimization in its place.

What is SEO backlink damage?

SEO backlink damage as we described above is where you go around the web randomly posting links back to your site, known as backlinks. The reason this is damaging is because the backlinks are irrelevant to your site and the search engines know that you or someone else is trying to damage your sites reputation.  If you make a bunch of profiles and post backlinks to your site that have no relevancy with your company, that can be damaging, especially when the sites you post on are primarily used for spam.

Organic SEO backlinks are entirely different then what we are talking about in this post and will discuss that in a future post. Organic SEO backlinks are good and healthy, but that’s all we will say on that subject.

 

How do I fix SEO backlink damage?

It varies from site to site, however one big step is finding the most offending websites that hurt your rankings and then remove  those websites by using the disavow tool in Google. We try to keep the amount of SEO backlinks we remove low, since we only focus on the worst damage.

If you simply remove the backlinks, that in itself does not fix your sites SEO damage. We always have to update the site to rank better in many other ways and do so for $99.99 a month. If you have any questions, feel free to contact us.

 

 

 

 

Website security: Is Website security easy to hack by criminals?

Website security is code that tries to stop criminals from illegally hacking your website and bypassing  security measures you have in place, if you have any in place.

How secure is website security on average?

On average it takes less then a minute to bypass website security that is supposed to stop criminals and automated tools can crack simple passwords in under 30 seconds, sometimes under three seconds depending how weak your password is and what type of machine  you have.  How is this possible? Most developers aren’t familiar how code can break, they just know how to write code that works and depending on the project, that can be complicated in itself. Education on how to secure code is very important, if we want to make more secure programs in the future.

What is website security?

Website security is supposed to stop criminals from getting into your site. It simply is code that is designed to make it so criminals can’t bypass it, but they may be able to bypass another part of your code, since there are so many ways into your average system.

Website security being illegally hacked by criminals is a major problem, since all your users data could be stolen, your site could be used to deliver malware to users, gain access into areas that require admin authentication, and so much more. Protecting website security is one part of our job, making sure we provide enough plans so everyone can afford web security is another part of our job. Whether you  can only afford malware removal  or need a security audit to find vulnerabilities, we have you covered. We continue to release more  products to help people stay as safe as possible without breaking the bank.

 

Hackers for hire to secure your website from criminals

We are cyber security professionals, information security professionals, but when it boils down to it we are hackers for hire that are easy to find and easy to  contact. or hire by one of our hacker for hire subscription plans. When we are hired by the private sector we help secure your websites, servers, applications and any IoT device under the sun. Our plans currently only support websites, however we are professionals at IoT security, also known as internet of things security and server security.  Companies hire us to stop criminal hacking before it happens or if it’s already started we put a stop to it and provide an analysis of the criminals behavior and information we have on them, along with if they are known elsewhere, since many criminals want to be known, they just don’t want to be caught.

  What type of hacking will you not do? Since you’re easy to find hackers for hire will you do unethical hacking?

We are ethical hackers for hire that are easy to find, so we will not do illegal hacking.   We will end up putting a FAQ together about the most common requests for illegal hacking, but a few off the top of our head of requests are to hack another users facebook account for you, instagram, or any other service.  We don’t care if you tell us the person you want hacked is a cheating slimeball, that doesn’t make it legal to hack them. Since we’re ethical hackers for hire, we stick by our code and won’t hack cheating slimeballs for you.

What can you do as hackers for hire?

As hackers for hire we can do a lot, like secure your website, server, IOT products, etc. Working as hackers for hire we have recovered stolen laptops, We identified a hacker who claimed to be a woman in San Diego, who ended up being an Indian in India living in a flea hotel, who took a trove of unreleased music from a studio.

We’ve identified employees who have destroyed their companies systems making them inoperable. We’ve worked for fortune 100’s, we’ve had GoDaddy as a client showing them security flaws in their servers and we found a lot of issues.

We identify malware in companies infecting their users, we’ve helped make it so companies don’t have to pay ransomware by securing their systems and offer anti-phishing training.

What can we not do as hackers for hire? Whatever the law prohibits, which is becoming less and less. We can show you how insecure your internet connected devices are, also called internet of things devices, among other things.  It’s even legal to hack a car or anything else you own to show how insecure it is.

Remotely Disconnecting Bebop Drone pilot exploit As seen on ZDF

  1. Last year we ran into an issue when recording Smarter Living for ZDF when they gave us a drone we hadn’t hacked before which was the bebop 1. It took half an hour to find a vulnerability and exploit the bebop drone. while it isn’t a  fancy exploit it got the job done. Parrot had tried to put a patch in place for the bebop drone to stop people from accessing telnet, however you could still send request to telnet. We sent a bunch of telnet requests to the drone while it was flying and remotely disconnected the user from being able to control the drone. Instead of the drone crashing no one had control of the drone and it was doing whatever it wanted requiring the director and I to grab it out of the sky.

While we have a ton more of drone vulnerabilities that we spoke about at bsides LA, we won’t be releasing them today.  We went all the way down to a binary analysis, which was quite interesting and may make publicly available.

Chrome Vuln Denied By Google Then Patched Bug Without Payment

Google Chrome is the browser by Google. We found a chrome bug that is so simple that every browser should’ve already been protected from it, but neither Firefox nor Chrome were. We also attacked other platforms and used the attack to crash our peer reviewers phone. We found a way to crash the chrome and Firefox browser by putting 500 thousand lines of urls that would remotely crash the other users system, wipe all the sites they were on from restoring, etc. An example would be https://planetzuda.com/test/http://planetzuda.com/test/ and repeat. The bug was far harder to exploit on chrome, then it was on Firefox since to Google’s credit or Chromiums they had better protection then Firefox had against this attack.

The way it worked was taking the URL above and then manually copying it or using a python script to automatically copy it thousands of times and then sending it to the browser. We contacted Our peer reviewer and tested it against him.

We were in the process of seeing if we could get leaked memory and go to RCE, but Google likes reports as soon as you know of an issue, so we reported to Google Chrome per their bounty program. The bug quickly got marked won’t fix, but another member marked it needs more feedback afterwards, but once you mark a bug won’t fix, you have no interest in engaging with the submitter. Never underestimate the person submitting the bug. If you don’t get the bug, that’s fine but don’t assume what it is, which is exactly what they did. So if the bug was no big deal, which is the way they acted on January 16th why is it patched? Also, how did Firefox get the patch when we didn’t submit it to them? These are questions we want answers to. We are asking Google to pay for the bug, since they found it to be of value to quickly patch it and it appears they also passed the info along to Firefox without our permission, which is problematic as we were never credited for the bug by Firefox.

We will update this if Google responds to our requests, but from now on we are going public disclosure on bugs here on out.

A Guide explaining Why 43-50% Of Small Businesses Are Hacked

Many articles have come out stating that between 43 to 50 percent of small businesses are hacked. This makes sense and we will explain why in our guide that gives you a tiny bit of insight on how to think like this particular type of hacker.

Most small businesses use insecure software, they use anything that is free or cheap, and they never have a security audit no matter how much they want it due to how expensive it is.

Free and cheap software generally has no security to very little security, however paying more does not mean in anyway that you are more secure,  but they have a bigger budget to at least focus on security.

Before using a piece of software look up that software with the word exploit and see if there are any recent articles about exploits not being fixed in it. Also, update your software as much as possible and always do backups. We can’t stress those two the most, so we will repeat it. updating your software is critical  and having backups are critical for when you are hacked. Backups have saved some of our clients businesses when they were hit with ransomware, because instead of paying the ransom they simply restored from the backup and then had us make it more secure.

 

Our goal is to provide true security audits and malware removal at an affordable price, that is a true security audit, not the untrue security audits provided by other companies at affordable prices. A security audit is finding vulnerabilities before you’re hacked and we do that for as low as $29.99 a month, but enough about us let’s focus on what you can do for free to keep yourself secure. Of course, the ransomware sometimes does damage the perception of how secure you are if it also holds the entire site ransom, thus people may not trust your site as much. However, there are ways to mitigate this issue, by being very open and transparent about the entire process. While we know some companies want things to be hidden and not talked about, hackers find them anyways, so it’s better to be open about something then closed off.

 

We hope this very small and not even remotely close to extensive guide has helped you.

 

 

 

The Importance of Cyber Security and Compartmentalization

Cyber security is very important, but so is compartmentalization as an article in The Register makes very clear. A Texas based company fired an employee, because they hadn’t properly compartmentalized access to passwords for the company.

This one employee was able to access all the passwords on his own and emailed them to himself, thus allowing him to get revenge on his work and commit criminal hacking, which lead to losing over $100,000 of customer orders, not to mention the third party companies they had to pull in to audit the systems to recover from the damage the disgruntled employee had caused.

 

The employee was arrested by the FBI for violating the computer fraud and abuse act and exceeding authorization. If the company had properly compartmentalized access to each password, so one employee wouldn’t have had access to all of them, this wouldn’t have happened. Unfortunately, this didn’t take place nor did they reset passwords the employee had access to, which is standard procedure with companies who hire us.

 

 

 

WPCore SYS WordPress malware Installed by Hackers Who Are Criminals

Hello Dolly, is a famous song by Jazz singer Louis Armstrong and a WordPress plugin with the words to his song Hello Dolly. While a plugin like that would usually get few downloads this comes pre-installed in every single WordPress install.

Before you start panicking Hello Dolly is not vulnerable at least not that we are aware of, rather pirates are exploiting vulnerabi other plugins and inserting malware into the plugins directory called WPCoreSys. Hello Dolly is mentioned because they attempt to mask their malware by making database entries claiming it is for the Hello Dolly plugin table. Hello Dolly does not have a database, but most people do not know that.

 

Programs like anti malware removal have detected and removed WPCoreSYS, unfortunately after it has already done damage to the site.  WPCoreSYS is a malware infection for WordPress that injects it’s own malicious code into valid themes, plugins and even the wordpress core to try and make it harder to remove.

We have cleaned up WPCoreSys infections, which would be covered under any of our malware removal plans, including our cheapest that starts at $29.99 a month. If you’d like to sign up, just use your email address when paying via paypal and do so below. We will contact you shortly.

Copper cyber security


You can see a whole list of our plans on https://planetzuda.com