Press Sites

MyITAssistant Press Sites is designed specifically for WordPress website hosting, streamlined for maximum performance, stability, and functionality. A better solution and experience for everyone.

Press Sites is a server-free experience, with nothing to manage, update, or secure. Expertly curated hosting helps you build, optimize, and grow.

Security is an advantage of Press Sites hosting. Since WordPress is the only framework the infrastructure will have to handle, services that are not needed to run WordPress are disabled. You have a secure, protected environment when you combine this with regular updates to the WordPress core and plugins.

Our Press Sites solution includes the iThemes Sync Pro and iThemes Security Pro plugins. Sync Pro tracks updates for WordPress and plugins, letting the owner know what’s available. With a button click, updates are pushed to the website. Security Pro manages all aspects of security for the website. It’s the best WordPress security plugin to secure and protect WordPress.

  • Extra Protection for WordPress User Logins
  • Brute Force Protection
  • File Change Detection
  • Malware Scanning
  • Version Management
  • 25+ more features

  Press Sites automatically performs a backup of the entire site and database daily. Backups cycle every 30 days, allowing time for offsite download if needed.

    Press Sites, everything a website needs to perform optimally, securely, and sustainably.

    Key Elements

    Finding the right hosting services for your WordPress website can be daunting. There are many options and features to consider. With Press Sites, we have made it simple. Site owners can focus on the site itself rather than the details and conditions of the server.

    • No overage fees, traffic limits, or metered pageviews

    • Worry-free automatic plugin updates with visual comparisons

    • Image optimization plugin included to improve page-speed

    • iThemes Sync and Security Pro

    • Automatic SSL certificate

    • Staging site for development

    Did you know?
    By 2020, security services are expected to account for 50% of cybersecurity budgets.
    Malware rates as the most expensive, with an attack costing victims up to $2.6 million.
    By 2020, the estimated number of passwords used by humans and machines worldwide will grow to 300 billion.
    Data breaches cost enterprises an average of $3.92 million
    Data breaches exposed 4.1 billion records in the first half of 2019.
    In 2017, 412 million user accounts were stolen from Friendfinder’s sites.
    Global cybersecurity spending is expected to hit $133.7 billion in 2022.
    Attacks on IoT devices tripled in the first half of 2019.
    Security breaches have increased by 11% since 2018 and 67% since 2014.
    More than 77% of organizations do not have a Cyber Security Incident Response plan.
    $17,700 is lost every minute due to phishing attacks
    48% of malicious email attachments are office files.
    300 billion passwords will be used by 2022.
    95% of cybersecurity breaches are due to human error.
    The estimated losses in 2019 for the healthcare industry are $25 billion.
    83% of Americans are using weak passwords.
    40 percent of IT leaders say cybersecurity jobs are the most difficult to fill
    Phishing attacks account for more than 80% of reported security incidents
    90% of remote code execution attacks are associated with cryptomining.
    Securing a computer is no longer just doing updates.
    More than 93% of healthcare organizations have experienced a data breach over the past three years. 57% of those have had more than five data breaches during the same timeframe.
    1 in 36 mobile devices had high risk apps installed.
    Damage related to cybercrime is projected to hit $6 trillion annually by 2021.
    60 percent of breaches involved vulnerabilities for which a patch was available but not applied
    The average lifecycle of a breach was 314 days (from the breach to containment).
    Kaspersky says that its web antivirus platform identified 24,610,126 “unique malicious objects” in 2019.
    Ransomware attacks are increasing by more than 350% each year.
    WannaCry ransomware attack cost the National Health Service (NHS) over $100 million.
    The worldwide information security market is forecast to reach $170.4 billion in 2022.
    Ransomware detections have been more dominant in countries with higher numbers of internet-connected populations. The United States ranks highest with 18.2% of all ransomware attacks.
    Backing up data is no longer something to set and forget.
    In 2017, 147.9 million consumers were affected by the Equifax Breach.
    30% of United States users end up opening phishing emails.
    Financial services had 352,771 exposed sensitive files on average while Healthcare, Pharma and Biotech have 113,491 files on average.
    Most malicious domains, about 60%, are associated with spam campaigns.
    Protecting privacy on a computer is a continual task.
    1 in 13 web requests lead to malware.
    In 2016, 3 billion Yahoo accounts were hacked in one of the biggest breaches of all time.
    The cost of lost business averaged $1.42 million.
    1 in 3 Americans will be affected this year by an attack.
    71 percent of breaches reported were financially motivated.
    The average time to identify a breach in 2019 was 206 days.
    Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes.
    Every 60 seconds $1,138,888 million is lost to cybercrime.
    100,000 groups in at least 150 countries and more than 400,000 machines were infected by the WannaCry virus in 2017, at a total cost of around $4 billion.
    The most expensive component of a cyber attack is information loss at $5.9 million
    An attacker resides within a network for an average of 146 days before being detected.
    Malicious PowerShell scripts blocked in 2018 on the endpoint increased 1,000%.
    Connected IoT devices will reach 75 billion by 2025.
    IoT devices experience an average of 5,200 attacks per month.
    94% of malware is delivered via email
    63 percent of companies said their data was potentially compromised within the last twelve months due to a hardware- or silicon-level security breach
    Cybercrime will cost the world $10.5 trillion annually by 2025.
    1,861 people become victims of cyber-attacks every minute.
    Today’s technology and security risks are more complicated.
    More than 24,000 malicious mobile apps are blocked every day.
    In 2016, Uber reported that hackers stole the information of over 57 million riders and drivers.
    Emotet used over 290,000 compromised email addresses to spread malware, including 33,000 unique attachments.
    Fileless attacks grew by 256 percent over the first half of 2019
    Ransomware damage costs will rise to $11.5 billion in 2019 and a business will fall victim to a ransomware attack every 14 seconds at that time.
    The United States is #1 for targeted attacks.
    There is a hacker attack every 39 seconds, on average.
    56% of Americans don’t know what steps to take in the event of a data breach.
    The top malicious email attachment types are .doc and .dot which make up 37%, the next highest is .exe at 19.5%.
    34% of data breaches involved internal actors.
    Total cost for cybercrime committed globally will reach $6 trillion by 2021
    Google was fined $57 billion for GDPR violations by CNIL, a French data protection agency.
    In 2018, an average of 10,573 malicious mobile apps were blocked per day.
    Most companies take nearly 6 months to detect a data breach, even major ones.
    64% of Americans have never checked to see if they were affected by a data breach.
    Latest Threats
    Fake McAfeePlugin.exe: One of the Trellix Threat Intelligence Group’s hunting actions is to identify tools that pose as legitimate tools, in this case tools that pose as legitimate tools of the McAfee Corporation. One of the tools found is an executable called McafeePlugin.exe. This tool was not signed by McAfee Corp. and was in a directory path which wasn’t the official install location. By studying the telemetry hits of this fake plugin, we observed detections in Portugal from an organization in the energy sector. The attacked system was an exposed VMware Horizon server. By pivoting on the IP of the targeted host, the Trellix Threat Intelligence Group was able to determine there were multiple malicious detections over the course of a month. These detections involved:

    • Coin-miner-linked traffic, previously observed in a Conti ransomware attack in Belgium, as well as the regular XMRig miner.

    • A specific exploit, called vmware_kb.exe, used to exploit vulnerable VMware Horizon servers. This specific exploit is associated with the Sliver framework, an alternative to Cobalt Strike, and was previously observed in an Avos Locker attack.

    • Multiple PowerShell scripts reaching out to known C2 servers linked to Cobalt Strike and Log4Shell attacks.

    • Lastly, a coin miner that was observed in a previous campaign involving the threat group Lazarus, which led to a Nukesped infection.
    Source: Trellix.com
    Ukrainian Entities Attacked: Multiple threat groups including UNC1151 and UNC2589 targeted Ukrainian entities with malicious spear-phishing documents. The GrimPlant backdoor and GraphSteel information stealer were used to find and exfiltrate browser credentials along with system, network, user, and directory information. A registry run key was created for persistence while hidden windows, process injection, software packing, and timestomping were used for defense evasion.
    Source: Trellix.com
    IcedID Banker: IcedID, also known as BokBot, is a modular banking trojan that targets user financial information and is capable of acting as a dropper for other malware. It uses a man-in-the-browser attack to steal financial information, including login credentials for online banking sessions. Once it successfully completes its initial attack, it uses the stolen information to take over banking accounts and automate fraudulent transactions. IcedID is primarily dropped as a secondary payload from other malware, most notably Emotet, in addition to its own malspam campaigns. IcedID uses multiple injection methods to evade antivirus and other malware detection methods, such as injecting itself into operating system (OS) memory and regular processes. The malware authors are known to update IcedID to increase persistence and evade new detection efforts.
    Source: Trellix.com
    BPFDoor: Multiple sectors including education, government, and logistics are being targeted with BPFDoor, Mangzamel, Gh0st, and Metasploit malware. Once a host is compromised, the malware communicates with the threat-actor-controlled C2 to receive further instruction or payload delivery. Threat actors often leverage Virtual Private Servers for communication over TCP, UDP, and ICMP protocols. The Trellix ATR Team gathers and analyzes information from multiple open and closed sources before disseminating intelligence reports.
    Source: Trellix.com
    Iron Tiger Uses Updated SysUpdate Malware: The Iron Tiger threat group, also known as LuckyMouse, Emissary Panda, and APT27, targeted the government, bank, telecom, energy, and gaming sectors in the Middle East and Southeast Asia. The initial infection vector consisted of weaponized documents, the exploitation of Internet-facing applications, and watering-hole and supply-chain attacks. Iron Tiger updated their toolkit with a new variant of the SysUpdate malware family. The updated payload contains new and unique classes and uses a named pipe for communication. The malicious software uses DLL sideloading, WMI, and process injection for execution, privilege escalation, and defense evasion.
    Source: Trellix.com
    8220 Gang Expands Cloud Botnet: The 8220 Gang, also known as 8220 Mining Group, is targeting cloud hosts with the IRC botnet and PwnRig cryptocurrency miner. The threat actor exploits known vulnerabilities and uses brute force to gain initial access. Lateral movement is carried out using network scanning and hundreds of hardcoded SSH credentials. At the time of this writing the actor has infected around 30,000 devices with the malicious software.
    Source: Trellix.com
    LockBit 3.0 Ransomware: The LockBit ransomware-as-a-service (RaaS) family was discovered in 2019 with version 3.0 released in mid-2022. Improvements added by the threat actor include a new search tool on the site hosting the leaked data, new management features, and the acceptance of Zcash for payment. Version 3.0 of the malware also includes multiple techniques such as code packing and obfuscation to hinder analysis and the abuse of the Microsoft Connection Manager Profile Installer (CMSTP) to bypass UAC.
    Source: Trellix.com
    APT34 Group: APT34, also known as OilRig among other aliases, is an APT group that has been active since 2014. This allegedly Iranian group has mostly focused on the Middle East, targeting government, financial, telecommunications, energy, and chemical industries. This espionage-motivated group uses techniques such as spear-phishing, targeted social engineering via LinkedIn, or mimicking sites offering job openings to gain the initial foothold into the targeted network. It then uses techniques like DNS tunneling to hide the communication with the C2 servers, as well as hiding the commands in copies of legitimate websites. In 2019 an individual named “Lab Dookhtegan” leaked the source code of a big portion of the APT34 arsenal via a public Telegram channel. Since then the group has been busy updating their arsenal to avoid detection and proceed with their operations.
    Source: Trellix.com
    SmokeLoader: Smoke Loader is a malicious bot application that can be used to load other malware. Smoke Loader has been seen in the wild since at least 2011 and has included several different payloads. It is notorious for its use of deception and self-protection. Smoke Loader was originally offered by an individual with the moniker SmokeLdr on the notorious Exploit forum.
    Source: Trellix.com
    Lockbit: Lockbit, a newer Ransomware-as-a-Service, was identified in the first quarter of 2020 by a joint research effort from McAfee Labs and Northwave. Once a victim has been compromised, a ransom note is dropped by the malware reporting that in addition to encrypting files the threat actor has also exfiltrated private data including financial, personal, and network information. The ransom note further directs the victim to a dark web address to regain access to their encrypted data. In more recent attacks, the threat actor has threatened to publish confidential data that has been exfiltrated if the ransom is not met within the time frame set by the threat actor. McAfee Labs will continue to update the Lockbit ransomware profile and disseminate information that is deemed appropriate regarding the Lockbit ransomware and victims.
    Source: Trellix.com
    Attacks on Government Agencies: The Trellix Email Security Research Team has discovered a malicious campaign targeting government agencies of Afghanistan, India, Italy, Poland, and the United States since 2021. The attack starts with a spear phishing email with a geo-political theme. The spear phishing emails were themed around the India-Afghanistan relationship. The attacker used politics as a lure to trick users into clicking on a malicious link. The email used for this phishing attack contains an attachment or a weaponized URL that delivers an Excel sheet. Upon opening the Excel sheet, Excel executes an embedded malicious macro which then decrypts and installs a Remote Access Trojan (AsyncRAT & LimeRAT) and maintains persistence. Once the Remote Access Trojan is installed on the victim machine, it establishes communication with a Command-and-Control server used to exfiltrate victim data. The Remote Access Trojan is capable of taking screenshots, capturing keystrokes, recording credentials/confidential information, and adding infected systems to botnets. It can also perform network discovery and move laterally to other systems in the affected organization. The email used in this attack originated from the South Asia region, which suggests the involvement of a South Asian threat actor. Trellix Email Security has detection coverage for this malicious campaign. The Trellix ATR Team gathers and analyzes information from multiple open and closed sources before disseminating intelligence reports.
    Source: Trellix.com
    Google Drive and Dropbox Used by APT29: Cloaked Ursa (aka APT29) has been targeting governmental entities in several countries with spear-phishing campaigns that deliver the EnvyScout dropper, which contains de-obfuscation capabilities, and the Cobalt Strike Beacon. The campaign required user interaction to execute the malware. Once a target was compromised, the threat actors performed reconnaissance and exfiltration objectives.
    Source: Trellix.com

    Still have questions? Give us a call at (480) 535-6661