Cybersecurity Starts in the Boardroom
Earlier today I wrote about the FishPig/Magento supply chain attack, now I have come across another WordPress cyber security problem. A popular WordPress plugin is being actively exploited. PSA: Zero-Day Vulnerability in WPGateway Actively Exploited in the Wild (wordfence.com) The Wordfence Threat Intelligence team have warned that WordPress sites running …
Continue reading “Two WordPress vulnerability posts in a day – WPGateway zero-day vulnerability”
I have just spotted this – it is Saturday – but I thought I would put it quickly, up as many people depend on Google Chrome for shopping, banking etc: Google Chrome emergency update fixes new zero-day used in attacks (bleepingcomputer.com) This impacts the Windows, Mac, and Linux versions, is …
Continue reading “Another Google Chrome zero-day patch released”
Microsoft has issued it’s monthly round of patches and updates, SANS Internet Storm Centre has a round-up here: Microsoft August 2022 Patch Tuesday – SANS Internet Storm Center This update addresses the DogWalk zero-day vulnerability. Here are the Microsoft release notes: August 2022 Security Updates – Release Notes – Security …
Continue reading “Yesterday was Patch Tuesday – Exchange server gets a special mention”
For when you have time, here are two articles from Microsoft looking at cyberweapons: Continuing the fight against private sector cyberweapons – Microsoft On the Issues Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits – Microsoft Security Blog The view from the US Government Pegasus spyware: Just ‘tip of …
If you read the above headline and know your company has an online shop, but you are unsure what platform your website managers are using, or even who has the responsibility for the cyber security of that website, then you have an even bigger problem. If your customer’s personal information …
