A vulnerable WordPress plugin is in the news. The Advanced Custom Fields plugin needs to be updated or your site is vulnerable: WordPress plugin flaw puts ‘millions of websites’ at risk • The Register If you use this get it updated now. Do you know if your website uses this …
Passwordless Google Accounts
I’m in. I have written about passwordlessness (I probably made that word up!) before. Eliminating the password makes it much harder for threat actors to compromise your security, exploit stolen credentials and gain unauthorised access to systems such as Microsoft and now Google: Google adds passkeys support for passwordless sign-in …
When is secure not secure
A while back Diana wrote a piece about the padlock in the URL bar of your browser and what it says about that sites security and means for your cyber security: Is that website secure? However what that symbol means in effect is that the communications between your device and …
What to do if you think you have malware on you PC…
…and a good news story about Facebook. The information stealing malware, NodeStealer spotted by the Facebook security team stealing Facebook user information and hijacking accounts – so they stepped in and blocked it. Facebook disrupts new NodeStealer information-stealing malware (bleepingcomputer.com) The malware exfiltrated session cookies from a range of the …
Continue reading “What to do if you think you have malware on you PC…”
You have protection – hackers have evasion
In a forth coming article about our new Security Operations Centre (SOC-as-a-Service), I discuss the different between passive protection – which you must have – and reactive, continuous 24/7 Cyber Security Monitoring. This article from Bleeping Computer illustrates how threat actors carefully take apart the protection you are using to …
Continue reading “You have protection – hackers have evasion”
