A new WordPress version, 4.8.2, has been released. As this contains security fixes, all WordPress sites should be updated immediately. The update includes a fix to $wpdb->prepare() to help protect against SQL injection attacks. WordPress core is not directly vulnerable to SQL injection attacks, but certain plugins and themes may be vulnerable depending on how […]
The top three countries continue to be Russia, United States, and Ukraine. The US has moved into the top spot. China moved up two notches to #4. July 2017’s report can be found here.
Microsoft’s September 2017 Patch Tuesday is a real humdinger, even exceeding August’s Patch Tuesday, encompassing 259 security patches covering 82 vulnerabilities. Windows 7: 22 vulnerabilities, of which three are rated critical, 19 important. Windows 8.1: 26 vulnerabilities, of which four are rated critical, 22 important. Windows 10 version 1703: 25 vulnerabilities, of which two are […]
Holy crap, Batman! Yes, the company of last resort to protect your identity has just coughed it up. This breach included the Social Security Numbers of 143 Million Americans, a little less than half of the US population. Equifax reports that over 209,000 credit card numbers were stolen, along with identifying information (PCI) for 182,000 […]
Bruce Schneier had an interesting post last week on how insecure journalists are. It turned out to be quite an animated discussion. As I commented therein, I really doubt that your typical newspaper reporter gets much cybersecurity, or even cyber-awareness, training in journalism school. There are no whistle-blowers that go to traditional media anymore, a […]
I am very happy that the Adobe Flash Player is finally getting killed off. It is the single most bug-ridden program that has ever existed on this planet. Even worse is that many people think that anything-Adobe is Open Source when, in fact, it is anything but. Nowadays, most websites have converted Flash content to […]
Wow. That’s a lengthy title that covers just about anything. Really, this is just a sounding-out of what’s been happening in the Spy business lately. Vulnerability Disclosure: To start with, there’s a good read on Lawfare, entitled “No, the U.S. Government Should Not Disclose All Vulnerabilities in Its Possession”. It was written by Rick Ledgett, Deputy […]
Proofpoint has identified a new type of ransomware called “Defray”. Two highly-targeted ransomware attacks have been directed at the Healthcare and Education sector, and another at the Manufacturing and Technology sector. As Proofpoint points out, the attack is not of the “spray and pray” variety like most other ransomware attacks. This suggests a very specific threat actor. […]
Writer David Pogue mentions a useful Windows 10 Utility Menu available for technicians and power users. It is simply invoked using the keys WINDOWS + X. Yes, depressing the Windows and “x” keys simultaneously brings up a Windows 10 utility menu with all the good stuff you need:
The top three countries (Russia, United States, Ukraine) remained the same when compared to WordFence’s June report here. China moved down a couple of notches. Israel moves into the top 20 for the first time.