I am often asked by frustrated clients “Why doesn’t traditional anti-virus and Internet security software products work?” The unfortunate answer I have to give them is “It’s your fault.” The more diplomatic answer I really use is that the security software cannot prevent something that is explicitly allowed by the computer user. And the computer user is easily tricked into opening a file ...
Just a quick note to my WordPress pals – the latest update, WordPress 4.2.3, has an import fix for a cross site scripting (XSS) vulnerability that leaves your site vulnerable to attack. According to Sophos:
Continue Reading →“The flaw allows WordPress users who have Contributor or Author roles to add javascript to a site (something normally reserved for Editors and Administrators) using specially crafted
If you are running a Linux server or Linux desktop in your environment, you need to consider the following security strategies. Linux users suffer in some cases from the popular delusions of invulnerability that Apple users are prone to, and for some of the same reasons. Such as, most malware only runs on Windows so why should I care? Or, Linus is such a small target with less than 2% ...
We usually limit our discussion in this blog to cybersecurity articles that would be of interest to average users, and this is not really one of those topics. But because the exploit is getting some press, and the exploit name, “venom,” is attention grabbing, we thought we would discuss it here.
The Venom exploit only matters to those of us who are using virtual machines. A virtual machine is created using ...
Continue Reading →