Don’t Miss It! I am a featured speaker next Tuesday at Joule Cram Day

NEW!

Joule U . CRAM DAY

Tuesday . September 26 2017

SIX 60 MINUTE CLASSES
Learn something new! Attend one, some or all.

My presentation, Shields Up for WordPress Websites and Blogs is from 2:30 to 3:30.

I know many of the other speakers and this looks like a terrific lineup.  Block out the day and get some valuable information you can ...

Continue Reading →
0

Email Account Hijacking – Part 3 Extending the Exploit

On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker.  Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.

They have already proven that you are susceptible to phishing and other social engineering exploits.  So sending the victim other phishing emails that allow more access ...

Continue Reading →
0

Speaking at 2017 ISSA International Conference

I am honored to be presenting at the 2017 ISSA International Conference, October 9-11 in San Diego, CA. This year’s theme is “Digital Danger Zone.” Please join me for networking, education, and fun.

I will be presenting “Shields Up for WordPress Web Sites and Blogs.”  This presentation covers the threat of website hijacking, what an attacker wants to do with your website, ...

Continue Reading →
0

Backup Options for WordPress Websites

On Wednesday we discussed the importance of backing up your website as part of a larger cybersecurity strategy.  Today we are going to look at feature considerations for you as you decide which backup plugin is right for you.

Personally, I have used both Backup WordPress and Updraft Plus, and I have been satisfied with both of them.  When you search for backup plugins, ...

Continue Reading →
0

MongoDB Ransomware Hack – What Did We Learn?

Early on Jan. 9, about 12,000 MongoDB database servers were compromised. Later the number rose to 28,000 servers.  As many as 46,000 servers are vulnerable to this attack.

A cyber-criminal using the alias “Harak1r1” exploited a weakness in the default installation of the popular database solution, MongoDB.  He demanded a 0.2BTC ransom ($220) to return the data he exfiltrated from thousands of victim systems.  Older installations of MongoDB that were deployed via cloud hosting services in an insecure default configuration were ...

Continue Reading →
0

End of the Road for SHA-1?

sha-1SHA-1 or Secure Hashing Algorithm 1 was developed in 1993 by the National Security Agency (NSA).  It has been used to provide both hashing functions and digital signatures that validate that a certain document, web site, or other resource is genuine, original, and unchanged.

SHA-1 is used in common services such as SSL (secure websites) and TLS (secure email).  There has been discussion about the low security of SHA-1 going back to 2005. ...

Continue Reading →
0

Shields Up For WordPress Websites and Blogs

mbclogofinal-smallI will be a featured presenter at the MN Blogger Conference, on Saturday October 15, at Concordia University in St.Paul, from 8:15 am to 5:15 pm.  Tickets are $20.

My presentation is titled Shields Up For WordPress Websites and Blogs.

In this presentation you will learn why WordPress sites are an attractive target for cyber-criminals and attackers, why they want to hijack your site, and how ...

Continue Reading →
0
Page 1 of 3 123