Cybersecurity Starts in the Boardroom
WordPress is one of the most – if not the most – popular website package on the web. Both professional web designers and less professional web designers use it. One of the reasons it is so popular is that with a little work, anyone can alter the code or download …
The premium WordPress plugin LayerSlider, which is used in over one million sites, has been shown to be vulnerable to one of the most basic of cyber security hacks – unauthenticated SQL injection. There were tutorials at Napier University showing us how to carry out these types of hacks, it …
Continue reading “Attaching “Premium” to a product does not guarantee it’s cyber security…”
I thought I was done with device security for the time being – but then, of course, I got a question from a client. “What about USB drives?” Rather than write a completely new article let me reprint an article I wrote for CyberAwake looking at USB storage security – …
Continue reading “USB cyber-attack – Device Security (Pt. 4)”
I wrote about the potential victim base that any WordPress cyber security issue exposes last week: WordPress is always a target Have a read of that article if you do not understand why WordPress, WordPress plugins and user authorisation, need careful management in any cyber security plan. To reinforce the …
In case you missed the memo passwords are important. Storing them in plain text where threat actors can eventually get access to them is a really bad thing. Misconfigured Firebase instances leaked 19 million plaintext passwords (bleepingcomputer.com) It is even worse if those passwords are associated with other sensitive information, …
