We have written before about the importance of properly securing your WordPress website. According to a recent post on the WordFence blog, the Mossack Fonseca breach, commonly known as the “Panama Papers,” was apparently made possible by an unpatched WordPress plugin, and also a mail program that stored user credentials in plaintext..
This again reiterates the importance of keeping your WordPress version up to date (version 4.5 as of ...
Continue Reading →
I read a couple of thought provoking articles recently on the subject of data security, and more directly, on how data destruction can serve to permanently “secure” the data that is destroyed. One article appeared in the Wordfence security blog, and the other article from security and encryption guru Bruce Schneier on CNN.com.
The Wordfence article was looking at improving WordPress website security by removing unused items and information, ...
Continue Reading →
We have been recommending the Google Chromebook to our clients for use as a dedicated online banking system. The reason we like this platform even more than a Linux LiveCD boot disk is that because the Chrome operating system simply supports the operation of the notebook itself, and the Chrome browser. That’s it. There is not a way to install any programs to ...
Here’s a nice collection of 404 Not Found pictures from Pinterest.
And another
And one we shared before
And ...
Continue Reading →
Tired of cyber-creeps kicking sand in your face at the virtual beach? Microsoft wants to pump you up!!. Businesses using the Enterprise version of Windows 10 will have the option of using Microsoft’s new enhanced Windows Defender Advanced Threat Protection. In addition to providing end point security through Windows Defender, Defender ATP will connect with a cloud services based SIEM (security Information and Event Management) that will provide more ...
Recently, several major online advertising networks were tricked into distributing adverting that was infected with malware. Google, AOL, Rubicon, and AppNexus were some of the advertising distributors that were affected, and this impacted elite online publishers such as BBC, Newsweek, The New York Times, and MSN, and many many others that accepted advertsing from these networks. Most online advertising companies check ad submission for malware before publishing, but this ...
Ah, the good old days, when perimeter defenses and endpoint security software was all you needed to keep your network secure. Was it ever really that simple? Probably not, but many business owners and IT professionals are still hoping that keeping the firewall and antivirus updated is enough.
Over 90% of exploits start as an email in somebody’s inbox. According to NSS Labs, 97% of all breaches are enabled ...
Continue Reading →
I do “Remember the Alamo.” Maybe this explains why I don’t remember what happened yesterday. Brain all full of old stuff I learned in grade school, no room for new information. New information tries to find space in brain, fails, and is dropped like some packet on a congested network route.
We have spent a couple weeks talking about the dreadful state of security with many IoT devices. Now we are going to provide you will some solutions.
Most of the weaknesses inherent in these devices come from the fact that they are set up to be “easy for anyone to install.” Which means that most of them will work straight from the box without a lot of painful configuration. ...
Continue Reading →
If you are curious how some of the research we featured in the last several post was accomplished, there is a company called Censys that has developed a search engine for Internet connected devices. I took a quick look, and immediately thought of applications that I could use when penetration testing. Take a minute to read the ...