Here is a keynote article from Google looking at the steps it is taking to make the online experience safer. Google I/O 2023: New features to improve online safety (blog.google) It is worth the read as it does illustrate what the threats and risks are when operating online – both …
Another WordPress Vulnerability
WordPress is an extremely popular platform for producing web content – so threat actors are constantly probing it looking for gaps in the security. The popular plug-ins also make great targets because if their security fails the potential victims can number in the many thousands. Or millions. WordPress Elementor plugin …
Patch Outlook
Microsoft has released an out-of-band patch for Outlook to protect from an exploit that could bypass a previous security patch. Microsoft patches bypass for recently fixed Outlook zero-click bug (bleepingcomputer.com) You need to check that the automatic updates have done their thing and applied this patch. If not get it …
ONLY get your Windows updates via the Updates app
We write a lot about patches and updates – they are important to keep your organisation secure. But do not be tempted when browsing the web to follow a helpful advert that offers you Windows updates. That is not how it is done! Fake in-browser Windows updates push Aurora info-stealer …
Continue reading “ONLY get your Windows updates via the Updates app”
LEGO hacked
APIs (application programming interface) are a key part of interoperability and functionality online – but they have to secure: LEGO BrickLink bugs let hackers hijack accounts, breach servers (bleepingcomputer.com) How much are you relying on your web designer to protect your reputation?
Deception for profit on a massive scale
Bill Toulas over on Bleeping Computer refers to the organisation Fangxiao as a malicious for-profit group. Fangxiao runs a massive of over 42,000 web domains that impersonate popular brands that redirect users to sites carrying adware apps, dating sites and that favourite of those browsing the web “free” giveaways. This …
Linux malware not your problem – but it is.
Technical cyber security defences are getting better – there is no doubt about that – just keep the security software updated and do not let anyone argue with the advice and actions the anti-virus or advanced threat protection gives or makes. However as technical defences improve the threat actors find …
Continue reading “Linux malware not your problem – but it is.”