Cybersecurity Starts in the Boardroom
This one to be specific: WooCommerce admins targeted by fake security patches that hijack sites It is a phishing campaign, attacking the popular WordPress plugin WooCommerce, exploiting admins and their credentials with malicious security patches the admins think they must have – again a classic bit of threat actor social …
Continue reading “I was going to write about a WooCommerce attack…”
When a major retailer suffers a cyber security incident it is going to make headline news… again and again. Here is today’s installment: M&S cyber attack chaos leaves more questions than answers – BBC News We can all learn something about improving our cyber security reponses whilst we watch M&S …
Last week I said there would be more to come on this story – and there was… M&S stops online orders and issues refunds after cyber attack – BBC News Mixed Messaging It appears to me that the main complaint from customers is not that services are unavailable or that …
There are no details about the attack yet, or whether customer information has been compromised – but the attack has impacted the online shopping and “click and collect” service – which probably use customer information to function. Marks & Spencer confirms a cyberattack as customers face delayed orders No ransomware …
Just in case you thought ransomware was done, the US Government Agency, CISA (Cybersecurity and Infrastructure Agency – not closed yet) issued a warning that the Medusa ransomware operation has hit over 300 organisations in February 2025. #StopRansomware: Medusa Ransomware | CISA Your Takeaway I have two things for you: …
