Category: Uncategorized

Make A Site Rank With Google Search & Google Places — A How To Guide

Author wefightforsecurityPosted on December 20, 2018December 20, 2018Categories UncategorizedTags , , , , ,

We are going to take you into a step by step analysis of how we did SEO for a client who is in Google places and help them get good ranking in their business.

Ranking for search engine optimization takes a lot of time, effort, and analysis on why a site should be on the front page of any search engine, including Google’s.

First, a good title and description with relevant phrases for your industry in the description people see is important. It does not need to be keyword specific as Google can tell the difference between words that share similar meanings and can figure out what you mean pretty quickly. Contrary to popular opinion or even what Google said years ago, good descriptions still hold a factor in their ranking. One of hundreds of factors on determining how a site rankgs, but it is still a factor.

Once people click through to your site, you need to have a call to action clearly visible and make it easy to act on right away. Here is an example of one of our clients.


As you can tell Tours Los Angeles shows places they go to, they show happy customers, and have very clear buttons so you can book a tour. We did do the site design, which we don’t generally offer as a service. We are expensive when it comes to highly customized site design, though we do have a few site designs that can be launched for an affordable rate. When it comes to helping improve your search engine ranking we are affordable compared to other SEO companies. We, of course aren’t solely SEO, as we focus on all factors of a website, especially internet security.

Let’s dive deeper into our site analysis of Tours Los Angeles. Once you have images on a site, you need it to still load quickly. The desired goal is under 3 seconds for a site to load. So, to get this desired speed you need to use a content delivery network. A content delivery network, also known as a CDN hosts your images, so customers who come to your site can get them loaded as quick as possible. When you are using WordPress and the popular jetpack plugin, their CDN option is free, quick, and does help make your site load quicker.

Okay, so all you need to do is make a good looking site, proper descriptions and titles?
No, it isn’t that easy but those are important steps. It’s great to have relevant backlinks from blogs in your field or news sites. We have plenty of links from news organizations, as the media covers our work sometimes.

Always having fresh content is very important, which means blog, blog, blog and of course vlog. Vlog is slang for making video content. Making video content is not as easy as just hitting record, you need to make high quality video content. High quality does not mean you have to use the best camera, no high quality simply means that it is done well and meets the expectations of the viewers. Like with everything you do, you want the message to be clear, you want your customers to understand you, what you do and what you don’t do.

Is this all there is? Of course there is more. While this doesn’t exactly fall under our affordable SEO and not everyone’s definition of SEO, everyone can agree it is important to build your companies online presence. You need to make sure your social media presence is reaching a large swath of people. Our founder is a social media influencer, which means he has thousands upon thousands of people following him, commenting and interested in what he does. We take that knowledge and build it for your company. Managing social media pages and building up a following takes a lot of work, so we can’t put that in our affordable SEO kit.


This is a quick breakdown of SEO, since we didn’t get into image optimization for search, among tons of other topics. This should give you a general idea of the importance of SEO.





What do I do If I’ve Been Hacked And am Given A Ransom?

Author wefightforsecurityPosted on October 1, 2018October 1, 2018Categories Uncategorized

What do I do if I’ve been hacked and am given a ransom? Don’t call the FBI, because the FBI says you’re on your own. So what do you do?

 

We both know paying the ransom, does not mean the information won’t be published, as many cases have shown us.  However  paying the ransom over your customers sensitive data does give you a chance to potentially stop the information from being published. So, if you  have no chance to stop the release of information, or have a chance, which would you pick?

Paying a ransom is not how you should ever think to handle security, but if you are already in such a precarious situation, paying the ransom is one of the better ideas we can think of while you have an independent security team figure out what happened and see if they can attribute the attack. Attributing attacks can be difficult, but that is a discussion for another time.

You should be having your site secured as tight as a fortress, which we do our best to do for customers, but always have backup plans. Plan B should not be paying a ransom, plan B should be pro-actively trying to stop the attack. If plan B doesn’t work, then plan C is an option where you could pay the ransom or not pay it.

 

A better way to look at the problem is what happens if you don’t pay? Will you be destroyed? Will your customers information, which they entrusted you with be leaked? It certainly seems in that situation paying the ransom, may very well be worth it, but to some it still isn’t. We get it, if we follow principal, it is never right to pay a ransom. However, when your company is at stake  and it is too late to secure your systems, it may be your best chance for not being destroyed.

 

If hackers are just making it impossible to connect to your site, well that is easy to take care of and we sell a product that will take care of that in no time. Paying a ransom is last resort, because most don’t give ransoms, and those who do can’t be trusted. What you should do is invest your money into protecting your site now, instead of trying to react when you’re hacked. Being pro-active is the best thing you can do for your company.

 

In no way does Planet Zuda condone ransoms in any shape or form, we are simply providing information on a situation, many end up in due to not protecting their customers private information adequately.

 

 

 

 

How To Shutdown the power of a country — SCADA and the ramifications Of Not Being Smart

Author wefightforsecurityPosted on September 19, 2018Categories Uncategorized

SCADA, also known as Supervisory control and data acquisition is unfortunately used with critical infrastructure, like power grids. So, how do you shut down a power grid?

We will give you one horribly insecure example where a country connected their electric grid to the internet. Their admin backend where you can shutdown the power of different sections of the country, was exposed through Google cache, which let anyone have the ability  to shutdown their power.

 

Now why didn’t researchers of this country discover this? Because they threaten to kill anyone who they deem to have hacked their site that lives in their country, however their threat model did not account in that the rest of the world may discover their electric grid issues.

In our mind  this is so insecure it isn’t a hack, because if Google can access it and you access it on Google’s property, then you’re accessing it on Google’s servers, rather than hacking the companies servers.

 

How do you avoid this highly insecure setup?

Well, first if you have anything sensitive, do not connect it to the internet. Secondly, do not have SCADA online, for crying out loud. If you want to be hacked, then sure by all means go ahead, but this was so insecure you should never do this.

This is one very simple, glaring issue of how a system used for critical infrastructure can be used the way it was designed to shut it down, yet they didn’t consider they were designing it for others to use when they made it.

 

We will be writing more on SCADA in the near future.

 

 

 

WordPress Plugin WP-Doctor Contains A Trojan

Author wefightforsecurityPosted on September 19, 2018September 28, 2018Categories Uncategorized

The WordPress Plugin WP-doctor contains a trojan,  in the malware.txt file. A user  made this public over a year ago, yet nothing happened. So, we  reviewed it and they were right, so we contacted WordPress.

 

WordPress agreed that the trojan was in the software, however they could not find a point in the software where the trojan was being used. y  So, in other words the software was shipped with malicous code, but they weren’t using the malicious code, or rather no one has  yet to identify where that malicious code would work.

The WordPress team shut down the plugin while they talk to the team behind WP-Doctor to see if this was left over as part of an attempt in detecting malware, or if there is any legitimate reason for this WordPress Plugin to contain freaking malware.

Vulnerabilites are common in WordPress, malware shouldn’t be on WordPress or on any site as a useful program, yet this program at least has the trojan code in it. If it ever did anything is another question. At this point in time, we would advise you remove WP-doctor.