Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Potential Hurricane Dorian Cyber Scams

Original release date: September 4, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain vigilant for malicious cyber activity targeting Hurricane Dorian disaster victims and potential donors. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in handling any email with a hurricane-related subject line, attachment, or hyperlink. In addition, users should be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events.

To avoid becoming victims of malicious activity, users and administrators should review the following resources and take preventative measures:

If you believe you have been a victim of cybercrime, file a complaint with the Federal Bureau of Investigation Internet Crime Complaint Center at www.ic3.gov.


WordPress Releases Security Update

Original release date: September 6, 2019

WordPress 5.2.2 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.2.3.


Cyber Safety for Students

Original release date: August 20, 2019

As summer break ends, many students will return to school with mobile devices, such as smart phones, tablets, and laptops. Although these devices can help students complete schoolwork and stay in touch with family and friends, there are risks associated with using them. However, there are simple steps that can help students stay safe while using their internet-connected devices.


HOAX ALERT! Facebook ‘deadline’ on making your content public is fake

Just stop believing everything you read!! There’s no privacy Armageddon coming “TOMORROW!” If there was, you couldn’t copy and paste your way out of it!


National Cyber Awareness System:

CISA Insights: Ransomware Outbreak

Original release date: August 21, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has released its first CISA Insights product, which discusses the rapid emergence of ransomware across our Nation’s networks. CISA Insights – Ransomware Outbreak includes steps in the following key areas to help organizations protect themselves from ransomware attacks—a top priority for CISA:

  • Actions for Today – Make Sure You’re Not Tomorrow’s Headline
  • Actions to Recover If Impacted – Don’t Let a Bad Day Get Worse
  • Actions to Secure Your Environment Going Forward – Don’t Let Yourself be an Easy Mark

CISA urges organizations to review CISA Insights – Ransomware Outbreak, implement the recommendations, and visit the CISA resource page on ransomware for more information.


Cloud Security: 3 Things AWS Is Doing in Wake of Capital One Data Breach

It’s the battle against misconfigured security settings in the cloud.


Capital One Hacker Denied Bail

Transgender alleged Capital One hacker Paige Thompson was denied bail on the basis of flight and suicide risks.


Cheating Problem on Ethical Hacking Certification Exams?

The U.S. Department of Defense requires cybersecurity defenders to take exams to certify their status as ethical hackers. Unfortunately, some are suggesting the testing itself may be far from ethical. A recent investigation by the Fox affiliate in Tampa, Florida, revealed potential problems with the process for those who become certified to work at U.S. Central Command.


 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an information technology and cybersecurity instructor for several training and certification organizations. Bob has worked in corporate, military, government, and workforce development training environments Bob is a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.