There has been a new WordPress vulnerability discovered that can give an attacker the ability to delete files on the web server and take control of your web site. This was reported on the WordFence blog on June 27th.
This vulnerability applies to anyone logged in to a WordPress website with user credentials of Author, Editor, or Administrator. These roles have ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.
A hoax about ransomware called “WannaCrypt” has been widely spammed out. But is an attack of this sort technically possible?
In our last post we looked at common web and phone based scams that I have seen personally, or have been targeted at a client. Today we will examine other scams that are popular with cyber-criminals.
Some of these are targeted at specific industries or at people in positions of leadership or ownership of an organization or business.
I cannot believe the number of scam calls and emails I receive in a given day. Often I get 4 or 5 scams calls on my cell phone, and a few more on my landline. That landline has got to go, more than 90% of calls on that number are from scammers or telemarketers. Emails are even more ...
I rarely repost entire articles from the web, but this one from US-CERT’s National Cyber Awareness System is great just as it is, so we are reposting it below. The recommendations in this article apply to small business networks as well.
12/15/2015 09:41 AM EST Original release date: December 15, 2015 | ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.The S in HTTPS stands for Secure, so does the S in IoT. The stuffed toys are stuffed with security problems that we’ve known about for over ...
Continue Reading →Two weeks ago when we started this series on password security, we revealed some sad statistics. 60% of people use the same password on multiple accounts. The average person has 26 password protected accounts, but only used 5 passwords across those accounts. And 85% of people keep track of passwords through memorization.
People reuse passwords just because it is easier. I get it, I have over 100 password protected accounts (not 26) and it is not possible for me to keep ...
Continue Reading →During the last week and a half we have been investigating the sorry state of password security. Now for some more hopeful information. In this post, we will look at the current recommended standards for creating a secure password, and policy recommendations from the National Institute of Standards and Technology (NIST).
Our recommendations for password strength is to use passwords with at least 12 or more characters. The reason is that longer passwords are more secure in the face of automated ...
Continue Reading →
