…it does not leak your master password any more! I have had a lot to say on the storage of your highly sensitive passwords – use an online bank if you must but also realise they are not perfect: KeePass v2.54 fixes bug that leaked cleartext master password (bleepingcomputer.com) I …
Zyxel firewall flaw
For smaller organisations updating network devices is often overlooked. CISA is warning of a flaw in Zyxel firewalls that is being actively exploited by hackers even though the vendor issued patches for the vulnerability over a month ago! CISA Adds One Known Exploited Vulnerability to Catalog | CISA Hackers exploit …
WordPress JetPack and Gravity Forms vulnerable
Just before I write this I am going to alert our web team so they can check our clients have the WordPress patch installed and if not get it done for them… The WordPress JetPack is a useful add-on for WordPress websites that provides a range of extra functionality – …
Continue reading “WordPress JetPack and Gravity Forms vulnerable”
PyPi software repository takes the most basic of security steps…
Having temporarily closed its doors last week to new business, PyPi – a python code repository – is now enforcing the most basic of cyber security precautions – 2FA! PyPI announces mandatory use of 2FA for all software publishers (bleepingcomputer.com) Your takeaway from this is that any essential business service …
Continue reading “PyPi software repository takes the most basic of security steps…”
Let’s finish the week where we started it – Android Malware
Here is a deep dive on the operation of the Predator Android malware by Bill Toulas of Bleeping Computer from research by Cisco Talos and the Citizen Lab. Predator: Looking under the hood of Intellexa’s Android spyware (bleepingcomputer.com) Predator is commercially available malware – only sold to governments or authorised …
Continue reading “Let’s finish the week where we started it – Android Malware”
