Plug-ins is a way of vendors and third-parties extending the functionality of software – it work very well, the success of WordPress is partly based on plug-ins. Now the threat actor vendors are taking the same approach with their malware – with the plug-ins helping to obfuscate the malware to …
Distributed Denial of Service attacks
The denial-of-service (DoS) attack, is a common attack used by those who want to make a point or make money, by disrupting the availability of websites and web services. In simple terms the threat actor finds a way to flood a system with malicious network traffic to overload network infrastructure …
Ransomware via IoT
I have written before about the security limitations of “Internet of Things” (IoT) devices. Many of them are simple devices, possibly based on older tech, they tend to lack the hardware to allow for regular security updates, etc, etc etc. At least the UK Government is enacting laws to make …
Here is something new – pre-hijacking!
Hijacking of online accounts is a serious cyber security concern. The unauthorised access by threat actors to everything from Amazon accounts to Zoho accounts all have data breach consequences either for the individual or organisation. (That is why we tell all our clients to make multi-factor authentication (MFA) compulsory for …
School WordPress plug-in is vulnerable to attack
If you use or responsible for a School Management system – check this does not impact you. The ICO takes a dim view of child privacy violations. Researchers find backdoor lurking in WordPress plugin used by schools | Ars Technica