Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Is Donald Trump Putin’s Revenge?

A two-part Frontline documentary on PBS titled Putin’s Revenge examines the rise to power of an obscure ex-KGB agent named Vladimir Putin and the tactics he used to influence the last U.S. Presidential Election. Evidence would indicate that Putin prefers Republicans to Democrats. Worth a look. Live stream them here.

[WordPress Security] Massive Cryptomining Campaign Targeting WordPress Sites – Update

Since we first published our blog post about the incredibly aggressive new brute force attack campaign earlier this week, we have been doing quite a bit of research into what the attacker is up to. We have just published a new post with our findings, including in-depth technical details and insight into how much money the attack has earned so far. We also provide an update on attack volumes for the last two days, along with some recommendations for keeping your site safe from these attacks.

[WordPress Security] Backdoor in Captcha Plugin Affects 300k Sites

The Captcha plugin was recently removed from the WordPress.org repository over what initially appeared to be a trademark issue. We dug deeper and discovered that the author had added a backdoor after having purchased the plugin from the original developer two months ago.

In today’s post we provide all of the details on the backdoor code that the author added along with a deep dive on the new author and their potential ties to similar attacks we’ve seen recently.

Fox-IT Security – Lessons Learned from a Man in the Middle Attack

Security firm Fox-IT was recently breached. Read the story; it is both instructive and an interesting example of transparency and responsibility after an intrusion.

Five programming languages with hidden flaws vulnerable to hackers

Even if developers go above and beyond to avoid flaws that can be exploited by hackers, attackers can often still take advantage of bugs in the design of the underlying programming language.

Firefox to offer tracking protection for all in its next update

This next major update, Quantum, is expected to include an option to turn on Tracking Protection during normal browsing.

74% of CISOs say cybersecurity hinders productivity & innovation

What’s wrong with this picture? A CISO is a Chief Information SECURITY Officer, and should be in favor of more security, not against it, as the headline suggests. This article actually goes in the direction of safe and sane (the headline is designed to grab eyeballs). There are some interesting ideas at the end. Worth a look.

Transport Layer Security (TLS) Vulnerability

12/13/2017 10:46 AM EST  Original release date: December 13, 2017

CERT Coordination Center (CERT/CC) has released information on a Transport Layer Security (TLS) vulnerability. Exploitation of this vulnerability could allow an attacker to access sensitive information.

The TLS vulnerability is also known as Return of Bleichenbacher’s Oracle Threat (ROBOT). ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain conditions. Mitigations include installing updates to affected products as they become available. US-CERT encourages users and administrators to review CERT/CC Vulnerability Note VU #144389.




About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Practitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speaker at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
