Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Solved: Jetpack Generating Mysterious Admin Email Change Messages

This entry was posted in WordPress Security on May 2, 2018 by Mark Maunder

Although there is nothing to worry about, you may want to read this post from WordFence.

We’ve received quite a few questions about this in the past 24 hours, either via forums, email or twitter. Roughly 14 hours ago we started seeing reports that WordPress site owners running Jetpack were receiving emails that stated the following:

You recently requested to have the administration email address on your site changed.
If this is correct, please click on the following link to change it: [link]
You can safely ignore and delete this email if you do not want to take this action.
This email has been sent to [email]


Facebook’s getting a clear history button

“This is an example of the kind of control we think you should have.”


Gmail users, here’s how (and why) you should set up prompt-based 2FA

2FA just got better so don’t be like everyone else – actually use it!


Yahoo mega-breach hacker faces nearly 8 years in prison

The hacker exposed half a billion Yahoo accounts on behalf of Russia’s FSB


 Yahoo fined $35m for staying quiet about mega breach

Remember the 1 billion records exposed?  The smallest thing about the Yahoo mega-breach is the fine.


Medical devices vulnerable to KRACK Wi-Fi attacks

Some KRACKs still haven’t been papered over.


Volkswagen and Audi car infotainment systems hacked remotely

Researchers found a way into both cars through the Wi-Fi interface.

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.