Cybersecurity Starts in the Boardroom
Before I start this week’s Wednesday Bit, let me send you over to read this first – you need to understand the value I put on encryption: Encryption or Not Encryption The real-world case for encryption The other week I got introduced to a new client under difficult circumstances – …
This one to be specific: WooCommerce admins targeted by fake security patches that hijack sites It is a phishing campaign, attacking the popular WordPress plugin WooCommerce, exploiting admins and their credentials with malicious security patches the admins think they must have – again a classic bit of threat actor social …
Continue reading “I was going to write about a WooCommerce attack…”
Do not be tempted to click on an offered PowerShell fix, for an apparent error in Microsoft Word, OneDrive or Google Chrome – it could be a social engineering trick to get you to install malware to your computer: Fake Google Chrome errors trick you into running malicious PowerShell scripts …
There are claims from Palo Alto Networks’ Unit 42 threat intelligence team that they have discovered a nearly undetectable strain of malware. The malware is contained in a CV for Roshan Bandara, but rather than the normal .pdf or Word file it is an image file -.iso. Near-undetectable malware linked …
