Cybersecurity Starts in the Boardroom
AlienFox is a malicious modular toolkit that threat actors can buy via a private Telegram channel. New AlienFox toolkit steals credentials for 18 cloud services (bleepingcomputer.com) The malware can be configured to scan for misconfigured servers and steal authentication details and credentials for a range of popular cloud-based services such …
Continue reading “Available for sale – a toolkit to steal credentials”
Keeping up with WordPress plugin security is something our web manager works very hard at for us and our clients – it is important. Read this to find out why: What do you know about your website? – CyberAwake As you can see this issue escalates when personal information and …
Over the last two weeks we have had two WordPress jobs. One came about when our sysadmin discovered, during a routine system check, that a client’s site was using several insecure plugins. She contacted the client and their web designer and a disaster was averted – that web designer has …
Is your website produced using Drupal? Or WordPress? Do you know? Do you discuss this and the security of your website with your web developers? Drupal is a similar product to WordPress and is used to create website, so any security update to a product that sits there on the …
Continue reading “Security advisory for Drupal – do you know if this applies to you?”
Here is a flaw in the YITH WooCommerce Gift Cards Premium plug-in which needs fixing: Hackers exploit bug in WordPress gift card plugin with 50K installs (bleepingcomputer.com) Get it fixed – if that means waking up your web designers to check if they have already fixed it, then do it. …
Continue reading “Do you use a WordPress Gift Card Plug-in? If so it s back to work for you!”
I have just published the second part of a series of articles looking at the governance that business owners and boards should exercise over software, websites and their reputation:
These two articles from Bleeping Computer shows the wide range of cyber security issues an organisation has to be aware of and take action about. One is the traditional malware getting into your systems and stealing sensitive information which it then sends out to the threat actors, to be used …
Continue reading “Two very different hacking campaigns in the wild now”
