Earlier in the week I wrote about the issues with the WordPress plugin Elementor. Now the vulnerabilities I wrote about are being actively scanned for by threat actors: Hackers target vulnerable WordPress Elementor plugin after PoC released (bleepingcomputer.com) Have you or your web designers updated your website? (We have.) Do …
Millions of websites use WordPress…
…which makes them a juicy target for threat actors if they can find a bug in code or plugins. That was the topic of yesterday’s article on CyberAwake: Let’s Talk About WordPress – CyberAwake This is an article about governance – not a technical article – so if you are …
Code Supply Chain Compromise
It is a while since I have written about the issue of compromising code in software repositories being an attack vestor for threat actor bit it has not gone away. Malicious Microsoft VSCode extensions steal passwords, open remote shells (bleepingcomputer.com) Software and web developers everywhere will access code from these …
Realistic Cyber Security
As you probably know, if you follow this blog, I was in Edinburgh last week at the 6th Intl. Conference on Big Data, Cybersecurity & Critical Infrastructure held at the Craiglockhart Campus, Edinburgh Napier University. For my post this week I wanted to share one positive thing I got from …
Why you need be honest if you are hacked
This did happen in the United States, but it is a warning tale for all senior managers and board members – you are responsible. Ex-Uber security chief sentenced over covering up hack – BBC News Your Takeaway My Ransomware Primer includes sections on what your incident response plan should look …
