Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

WordPress turns 15 on Sunday May 27

WordPress will be 15 years old this May 27th, 2018!  On Sunday, May 27th, we’re planning a global event celebrating the WordPress 15th Anniversary with WordPress community groups around the world.

Alexa, Siri and Google can be tricked by commands you can’t hear

Researchers have shown how attackers could trick voice assistants.

 CIA’s “Vault 7” mega-leak was an inside job, claims FBI

The suspect worked for a CIA group that designed hacking tools at the time the cyber-spying arsenal was given to WikiLeaks.

Red Hat admins, patch now – don’t let your servers get pwned!

A command injection bug in Red Hat’s DHCP client could allow an attacker to run any command on your computer. As root.

FBI Releases Article on Digital Defense Against ID Theft

05/16/2018 03:10 AM EDT Original release date: May 16, 2018

FBI has released an article on building a digital defense against identify theft. FBI explains that the growing number of data breaches put more people at risk of becoming a victim of identity theft. However, implementing basic security practices can help users minimize their risk.

NCCIC encourages consumers to review the FBI Article and the following NCCIC Tips for more information:

Mozilla Releases Security Update for Thunderbird

05/18/2018 09:15 PM EDT  Original release date: May 18, 2018

Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.8 and apply the necessary update.

IRS Warns Tax Professionals of Phishing Scam

05/24/2018 07:37 PM EDT  Original release date: May 24, 2018

The Internal Revenue Service (IRS) has issued a news release warning tax professionals to beware of a new phishing email scam. Cyber criminals posing as state accounting and professional associations have been sending emails to entice their targets to reveal login credentials. Tax practitioners should be wary of unsolicited emails and forward email phishing attempts related to this scam to phishing@irs.gov.

NCCIC encourages users and administrators to review the IRS news release and NCCIC’s Tip on Avoiding Social Engineering and Phishing Attacks for more information.



About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.