Category: Web Development

Screenshot from networksolutions.com requesting that users change their password.
Cyber Security BreachPhishingSecurityVulnerabiltyWeb Development

Cybersecurity Incident or Full Blown Breach at Web.com, Register.com, and NetworkSolutions.com

As painful as it is to announce this, what some consider the 5th largest domain registration company in the world has been breached. Or should we call it a cybersecurity incident as they claim in their mea culpa, comforting customers that, “No credit card data was compromised as a result of this incident?” (Emphasis ours). The mea culpa is posted on a subdomain of their website: https://notice.web.com/ where they publish the following FAQ.

Frequently Asked Questions

What happened? On October 16, 2019, Web.com determined that a third-party gained unauthorized access to a limited number of our computer systems in late August 2019, and as a result, account information may have been accessed. No credit card data was compromised as a result of this incident.

What are you doing about it? Upon discovery, we took immediate steps to stop the intrusion. We promptly engaged a leading independent cybersecurity firm to investigate and determine the scope of the incident. We notified the proper authorities and began working with federal law enforcement.We are notifying affected customers through email and via our website, and as an additional precaution are requiring all users to reset their account passwords.

What data/information was involved? Our investigation indicates that account information for current and former Web.com customers may have been accessed. This information includes contact details such as name, address, phone numbers, email address and information about the services that we offer to a given account holder.We encrypt credit card numbers and no credit card data was compromised as a result of this incident.

What can I do to protect my account? We have already taken additional steps to secure your account, and there is nothing you need to do at this time. The next time you log in to your account you will be required to reset your password.As with any online service or platform, it is also good security practice to change your password often and use a unique password for each service.

Is my credit card information at risk? We store credit card numbers in a PCI (Payment Card Industry) compliant encryption standard and do not believe your credit card information is vulnerable as a specific result of this incident. That said, it is good practice to monitor your credit card account and we encourage you to notify your credit card provider if you see any suspicious charges.

Should I reset my password as part of this? We have already taken additional steps to secure your account, and there is nothing you need to do at this time. The next time you log in to your account you will be required to reset your password.As with any online service or platform, it is good security practice to change your password often and use a unique password for each service.

FAQ on the Important Safety information at notice.web.com

KrebsOnSecurity was among the first if not the first to break the news to the public in an article published on October 30th. According to Krebs.

Web.com encourages customers to call them with any questions. The phone number is available on the notice page they published.

Our word of advice here: please do not reuse passwords and setup multifactor authentication where possible.

Little TipsprogrammingWeb Development

Where Can I Learn Regular Expressions? How About Testing?

Where Can I Learn Regular Expressions Syntax and Use?

Regular expressions are fun, if you can figure out how to use use them of course. So, let’s fix that. Well, even better, just go fish on your own starting with Regular-Expressions. I kinda like how colorful that site is!

Where Can I Test My Regular Expressions?

If you are learning Regular Expressions, you probably wonder sometimes if there is a way to make sure what you have in mind will work. Well, there are several ways of testing your regex, but I have found Regex Tester to be pretty easy to use.

Et voilà! Look at you! All equipped and ready!

Apple TroubleshootingLittle TipsmacbookOS XWeb Development

What Does It Mean That “App” Is Not Optimized For Your Mac?

If you are a MacOS user, you most likely have a pop up message on your mac recently stating, “This app will not work with future versions of macOS and needs to be updated to improve compatibility. Contact the developer for more information.

Image from apple website containing the message: "App" is not optimized for your Mac and needs to be updated. This app will not work with future versions of macOS and needs to be updated to improve compatibility. Contact the developer for more information.
Pop up you get whenever you run an app that’s not 64-bit on your Mac.

Despite the fact that the frequency of those messages is a bit exasperating, you need to pay attention to the issue they raise.

Apple is switching to an all 64-bit platform starting with macOS Catalina. All applications that are of the 32-bit kind will not be compatible with Apple’s operating system past the macOS Mojave (Version 10.14)

Is There Anything I Need To Do About Mac OS Transition To 64-bit Only OS?

It is imperative that you make sure your essential applications are compatible with future versions of macOS. Applications like your word processor, your code editor, your remote desktop application, your virtual machine platform are only a few examples you need to verify they are compatible.

If you use your Mac for making, producing, editing, and potentially even playing music, this is a very important notification for you. Please make sure your application is 64-bit compatible or do not upgrade to any macOS past Mojave until your applications are 64-bit ready. Pro-Tools-Experts suggests a list of press releases and announcements from music application vendors and producers warning their users not to upgrade to macOS Catalina just yet.

How Do I Find Out Which Applications Are 32-bit or 64-bit On My Mac?

The process is quite easy to find out which applications on your Mac are 32-bit or 64-bit. In a helpful guide, Apple suggests:

  • From the Apple menu, choose About This Mac,
  • then click the System Report button.
  • From the system report, scroll down to Software in the sidebar,
  • then select Applications.
  • When you select an individual application, you will see a field titled 64-bit (Intel). “Yes” indicates 64-bit; “No” indicates 32-bit.

If you’re using macOS Mojave, select Legacy Software in the sidebar to see all applications that have not been updated to use 64-bit processes.

We hope that you will now prepare for the new all 64-bit era with more confidence! Please ask us directly if any questions on Twitter @RafikiTechno or directly on this blog through our contact form.

AntivirusLittle TipsMalwareNetworkingPhishing

Microsoft SharePoint Under Attack – CVE-2019-0604

SharePoint is under attack as attackers have discovered and are exploiting vulnerability CVE-2019-0604. Find out more about the vulnerability in the linked security advisory by Microsoft below:

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

– Microsoft SharePoint Remote Code Execution Vulnerability

According to an article by HelpNetSecurity, the attackers are able to install a web shell that then “allows them to achieve continuous access to the system and, potentially, to the internal network on which it resides.” The article also reports that, “According to the Canadian Centre for Cyber Security, researchers have identified compromised systems belonging to the academic, utility, heavy industry, manufacturing and technology sectors.”

Sitemap Illustration
GoogleLittle TipsSEOWeb DevelopmentWordPress

How to Refresh My Sitemap for Google Search Console to Find It?

Is Google Search Console failing to retrieve your website’s sitemap? It is possible that you need to refresh your permalinks.

To do that:

  1. Go to your /wp-admin page.
  2. Go to the “Settings” menu and click on Permalinks.
  3. Once on the permalinks page, without altering anything, click on “Save Changes.”

Give it some time and then go test yoursite.com/sitemap.xml and see if Google is finally picking something up.

You can find some more ideas here:

Little TipsPythonWeb Development

Python, AttributeError: ‘module’ object has no attribute ‘config’

Four years ago, when I first started learning Python, I came across a problem that would later on become a “Famous Question” on StackOverflow. You may be reading this article because you encountered the same problem.

Traceback (most recent call last): File “C:\Users\myname\documents\visual studio 2010\Projects\PythonApplication 1\PythonApplication1\RunSikuliOnVM.py”, line 97, in logging.config.dictConfig(LOG_DICT_CONFIG_OnVM) AttributeError: ‘module’ object has no attribute ‘config’ Press any key to continue . . .

So, I will quickly suggest you check what turned out to be my problem.

I had imported a module into my code and later on made reference to that module by calling a specific attribute, but there was no such attribute in the module. Or at least so thought my Python interpreter. The quick fix for the error that I had gotten turned out to clear the cache of my interpreter. An example of how to do that with an interpreter is in the documentation for PyCharm.

This seems to be what is meant by the Python 3 documentation when it warns that “multiple evaluations of the same attribute reference may yield different objects.” I extrapolate and conclude that the error I am observing is somewhat of a “different” result I am getting.

Now for those interested in understanding the AttributeError for its own sake, another part of the Python documentation describes the exception in these terms:

exception AttributeError :Raised when an attribute reference (see Attribute references) or assignment fails. (When an object does not support attribute references or attribute assignments at all, TypeError is raised.)

 

The problem with the case at hand is that the config module does have a config attribute. This is why I posit that it is the caching issue that is the problem here since the interpreter may be referring to a totally different module than the logging module your code may be calling in this instance.

Note: This article is still in development even though it has been published to offer some beginning of a solution to those dealing with the AttributeError: ‘module’ object has no attribute ‘config’ exception.

Find Your historical DNS record
NetworkingRouters-Modem-FirewallsWeb DevelopmentWordPressWPEngine

How To Find My Old DNS Information Or DNS History

Ever been stuck in a situation where you cannot remember what your last DNS* information was? This may happen while migrating a site from one hosting provider to another, a domain from one registrar to another**, or any of the possible playing around you could find yourself doing with your DNS.

You may easily remember your CNAME records, but trying to find what your SOA, NS, A, AAA, MX, or TXT records*** were in the past can be a tricky exercise unless you are familiar with some really cool tools online like DNSTrails. I just used this tool a few minutes ago and it saved me from a lot of frustration as I wanted to temporarily revert my DNS records to what I just had deleted from my domain registrar.

I am sure there other tools out there, but this one just served me well, so I thought to share the insight with you!

Oh, also, if you ever want to temporarily make your computer point to a specific DNS setting for a specific domain, here are some useful resources:

  1. The Host File Trick on Mac and PC by WPEngine
  2. Editing the Host File on Mac OS X Leopard by WordPress

Finally, just for the sake of completion. Another site I really like is MX Toolbox, this online tool will help you check the propagation status of your DNS, MX, and other Records.

 

——

*DNS means Domain Name System

** Yep! That is actually possible! Just ask your current registrar how to migrate your domain
*** CNAME stands for canonical name and serves to make a domain an alias of another domain, MX stands for mail exchange and lists the mail servers that are to be used for a domain, NS stands for name server and tells which Name Server is authoritative for a given domain, SOA stands for State Of Authority and keeps up with when the domain was last updated and other similar information, A stands for address and is the IP of a given domain, AAAA is an IPv6 address records corresponding to a 128-bit IPv6 address while other addresses are mapped for 32-bit IPv4 addresses, TXT is a way for the domain administrator to enter any text into the DNS record. More on this at PCNames.