Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


NHS cyber-defender Marcus Hutchins charged in US

No good deed goes unpunished – WannaCry defender accused of earlier involvement in 2014 with the Kronos banking malware.


Watch out for the Android malware that snoops on your phone

From Sophos Naked Security – GhostCtrl, being distributed by rogue versions designed to look like legitimate apps, can monitor what you do and lock up your device – beware!

And check out our recent post – Smartphones Need Security Too


IPhone Users – Something for the weekend? How about an Apple patch for BroadPwn?

From Sophos Naked Security – Apple’s latest updates include a patch for the vulnerability that could have attacked your device’s wireless hardware.


38 governors sign cybersecurity compact

As leadership of the National Governors Association changes hands, state leaders pledge commitment to bolstering cybersecurity defenses in their states.

“Cybersecurity is a technology issue, but it’s also a health issue, an education issue, a public safety issue, an economic issue and a democracy issue.”


Cybersecurity operations more difficult than it was 2 years ago

New ESG research finds more threats, more work and more alerts make it difficult for cybersecurity professionals to keep up


From WordFence Security – If You Use This Script, You’ve Probably Already Been Hacked

Several years ago, web publishing company Interconnect/IT released a handy tool for finding and replacing text in a website’s database. This tool, a stand-alone file published as searchreplacedb2.php, includes built-in WordPress compatibility that makes working with WordPress databases a breeze.

Unfortunately, it doesn’t include any authentication or security measures, which makes infecting WordPress databases equally easy.


 

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment