You are here
Home > Posts tagged "Biz & IT"

Hackers are exploiting a critical flaw affecting 350,000 WordPress sites

If you use this plugin, update now and scan your Wordpress installs for malware. I also recommend using a security plugin that blocks any IP that is scanning for wp-file-manager...: Hackers are actively exploiting a vulnerability that allows them to execute commands and malicious scripts on Websites running File Manager, a WordPress plugin with more than 700,000 active installations, researchers said on Tuesday. Word of the attacks came a few hours after the security fla...

“DeathStalker” hackers are (likely) older and more prolific than we thought

No, not COBOL-guys in their 60's (like me); this article is pointing out that the group might have been going for almost 10 years - a lifetime in internet years...: In 2018, researchers from security firm Kaspersky Lab began tracking “DeathStalker,” their name for a hacker-for-hire group that was employing simple but effective malware to do espionage on law firms and companies in the financial industry. Now, the researchers have linked the group to two other pieces of ma...

Beware of find-my-phone, Wi-Fi, and Bluetooth, NSA tells mobile users

Like a lot of families, we have 'Find My iPhone' turned on so when the inevitable happens and someone leaves their device(s) on a bus/taxi/train we can all see where it is and wipe if irretrievable. Location Services come with risks though. Time to create your own threat model and decide if it's worth leaving them set to 'on'...: The National Security Agency is recommending that some government workers and people generally concerned about privacy turn off find-my-phone, ...

Cisco security breach hits corporate servers that ran unpatched software

And today's fire drill is...: [...] Cisco said that without updates any VIRL-PE or CML products that are deployed in standalone or cluster configurations will remain vulnerable to the same sorts of compromises. The company released software updates for the two vulnerable products. Cisco rated the severity of the vulnerabilities with a ranking of 10 out of 10 on the CVSS scale. The Salt vulnerabilities are a CVE-2020-11651, an authentication bypass, and CVE-2020-11652, a...

LockBit, the new ransomware for hire: a sad and cautionary tale

Understand how these malfeasants get into your network...: Ransomware has emerged as one of the top threats facing large organizations over the past few years, with researchers reporting a more than a fourfold increase in detections last year. A recent infection by a fairly new strain called LockBit explains why: after it ransacked one company’s poorly secured network in a matter of hours, leaders had no viable choice other than to pay the ransom. A report published by Mc

A critical iPhone and iPad bug that lurked for 8 years may be under active attack

Look out for a patch and make sure you apply it...: Enlarge (credit: ZecOps) A critical bug that has lurked in iPhones and iPads for eight years appears to be under active attack by sophisticated hackers to hack the devices of high-profile targets, a security firm reported on Wednesday. The exploit is triggered by sending booby-trapped emails that, in some cases, require no interaction at all and, in other cases, require only that a user open the message, researche...

Security tips every teacher and professor needs to know about Zoom, right now

What's the betting that 'Zoombombing' is one of the words of 2020?...: With the Coronavirus pandemic forcing millions of people to work, learn, and socialize from home, Zoom conferences are becoming a default method to connect. And with popularity comes abuse. Enter Zoom bombing, the phenomenon of trolls intruding into other people's meetings for the sole purpose of harassing attendees, usually by bombarding them with racist or sexually explicit images or statements. A s...

5 years of Intel CPUs and chipsets have a concerning flaw that’s unfixable

This is one of those "watch this space" vulnerabilities rather than a "the sky is falling in"...: Virtually all Intel chips released in the past five years contain an unfixable flaw that may allow sophisticated attackers to defeat a host of security measures built into the silicon. While Intel has issued patches to lessen the damage of exploits and make them harder, security firm Positive Technologies said the mitigations may not be enough to fully protect systems. The ...

Top