Regular readers will know the importance I attach to software and firmware patches as part of any cyber security plan. In fact, with most projects, managed and monitored updates one of the first things we implement across an organisation as it gives an immediate win for improved cyber security. Restarting …
WordPress is always a target
WordPress is one of the most – if not the most – popular website package on the web. Both professional web designers and less professional web designers use it. One of the reasons it is so popular is that with a little work, anyone can alter the code or download …
The Threat Actors will abuse any service for their own ends
Researchers are warning that threat actors are abusing the Google Cloud Run – an application and website development and management service – to distribute banking trojans on an industrial scale: Hackers abuse Google Cloud Run in massive banking trojan campaign (bleepingcomputer.com) Your takeaway Any applications or software you have written …
Continue reading “The Threat Actors will abuse any service for their own ends”
Infected Python Packages
It is a while since I have written about the threat actors getting inside software repositories and infecting widely used software packages with malware. Subsequently these packages are then innocently used by web and software developers, infecting their work which is then passed onto the end client, potentially you. The …
WordPress vulnerability
You always need to keep up with the cyber security of your WordPress website and any plug-ins you use. Here is another that needs checking: Massive Balada Injector campaign attacking WordPress sites since 2017 (bleepingcomputer.com) Now the question you need to ask yourself is who looks after my website, assuming …
