Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

20 Worst Passwords of 2017

Nearly identical to last year’s list.  Some people never learn.  If you are using any of these passwords, please change them now!

Announcing the Free Cyber Security for Beginners Course

Build your online security skills for free with this practical course from Heimdal Security.

Microsoft Word slams the door on DDEAUTO malware attacks

Remember how Microsoft said that DDEAUTO was a “feature”, not a vulnerability? Well, it just changed its mind – for Word, at least.  See our previous post.

Apple slows down old iPhones, study suggests

Is Apple slowing down old iPhones?  It’s a question that comes up again and again because iPhone batteries aren’t easy to replace, and a new report from a popular benchmarking app suggests the answer is yes.

Apple admits to slowing iPhones, you’re not imagining it

Apple has quietly been suppressing the CPU speed of older iPhones to stop their batteries randomly shutting off

North Korean Malicious Cyber Activity

12/21/2017 10:45 AM EST Original release date: December 21, 2017

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as BANKSHOT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

US-CERT encourages users and administrators to review Malware Analysis Report (MAR) 10135536-B and the US-CERT page on HIDDEN COBRA – North Korean Malicious Cyber Activity for more information.

Data on 123 million US households exposed

If you’re a US householder, a humongous trove of your personal data was available on an easily-accessible file.  And no, this is not Equifax, this is another stupid marketing company.

Intel chips have a security hole

Everybody and their uncle has written about this issue, so I won’t be.  This is an enormous and serious issue that can only be fixed by replacing nearly every Intel CPU in every device that has been deployed in the last 5-10 years.  Software patches that will partially remediate the issue are available.  Install them now.  For more detailed information see the following articles posted elsewhere.


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.