A quick Saturday digest of cybersecurity news articles from other sources.
NHS cyber-defender Marcus Hutchins charged in US
No good deed goes unpunished – WannaCry defender accused of earlier involvement in 2014 with the Kronos banking malware.
Watch out for the Android malware that snoops on your phone
From Sophos Naked Security – GhostCtrl, being distributed by rogue versions designed to look like legitimate apps, can monitor what you do and lock up your device – beware!
And check out our recent post – Smartphones Need Security Too
IPhone Users – Something for the weekend? How about an Apple patch for BroadPwn?
From Sophos Naked Security – Apple’s latest updates include a patch for the vulnerability that could have attacked your device’s wireless hardware.
38 governors sign cybersecurity compact
As leadership of the National Governors Association changes hands, state leaders pledge commitment to bolstering cybersecurity defenses in their states.
“Cybersecurity is a technology issue, but it’s also a health issue, an education issue, a public safety issue, an economic issue and a democracy issue.”
Cybersecurity operations more difficult than it was 2 years ago
From WordFence Security – If You Use This Script, You’ve Probably Already Been Hacked
Several years ago, web publishing company Interconnect/IT released a handy tool for finding and replacing text in a website’s database. This tool, a stand-alone file published as searchreplacedb2.php, includes built-in WordPress compatibility that makes working with WordPress databases a breeze.
Unfortunately, it doesn’t include any authentication or security measures, which makes infecting WordPress databases equally easy.
AUG
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com