Cybersecurity Starts in the Boardroom
Hackers known as “Stargazer Goblin” running a network called Stargazers Ghost Network have been distributing malware, in particular info-stealing malware via over 3,000 fake accounts on GitHub. Over 3,000 GitHub accounts used by malware distribution service (bleepingcomputer.com) Using these accounts, compromised WordPress websites and relying on GitHub’s reputation as trusted …
Continue reading “Putting the effort in – 3000 fake accounts”
WordPress is one of the most – if not the most – popular website package on the web. Both professional web designers and less professional web designers use it. One of the reasons it is so popular is that with a little work, anyone can alter the code or download …
The premium WordPress plugin LayerSlider, which is used in over one million sites, has been shown to be vulnerable to one of the most basic of cyber security hacks – unauthenticated SQL injection. There were tutorials at Napier University showing us how to carry out these types of hacks, it …
Continue reading “Attaching “Premium” to a product does not guarantee it’s cyber security…”
I wrote about the potential victim base that any WordPress cyber security issue exposes last week: WordPress is always a target Have a read of that article if you do not understand why WordPress, WordPress plugins and user authorisation, need careful management in any cyber security plan. To reinforce the …
Regular readers will know the importance I attach to software and firmware patches as part of any cyber security plan. In fact, with most projects, managed and monitored updates one of the first things we implement across an organisation as it gives an immediate win for improved cyber security. Restarting …
