Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

How to become a cybersecurity pro: A cheat sheet (free PDF)

As cybercriminals grow more sophisticated and news of major breaches reach headlines nearly daily, cybersecurity professionals are in high demand: There are currently nearly 3 million unfilled cybersecurity jobs worldwide, ISC(2) found.

Watch Out for North Korean Malicious Cyber Activity

Original release date: September 9, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have identified two malware variants—referred to as ELECTRICFISH and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

CISA encourages users and administrators to review the HIDDEN COBRA – North Korean Malicious Cyber Activity page, which contains links to Malware Analysis Reports MAR-10135536-21 and MAR-10135536-10, for more information.

WordPress 5.2.3 fixes new clutch of security vulnerabilities

Update now, if you haven’t already.  WordPress version 5.2.3 has just appeared on the download pipe featuring half a dozen security fixes and software enhancements.

US city balks at paying $5.3 million ransomware demand

The attack quickly encrypted 158 workstations – and would have been worse had it struck later in the working day.

Wikipedia fights off huge DDoS attack

Wikipedia has suffered what appears to be the most disruptive Distributed Denial of Service (DDoS) attack in recent memory.

Privacy Alert – LinkedIn can’t block public profile data scraping, court rules

The long-awaited decision found that automated scraping of publicly accessible data likely doesn’t violate the CFAA.  If you put your information in a public place, everyone has a right to it.

City Bans ‘Reckless’ Leader from Email After Refusing Security Awareness Training

Would you ban an executive from using your corporate email if he or she refused to go through security awareness training? That is essentially what’s happening right now in a suburb of Memphis, Tennessee. Germantown Alderman Dean Massey, one of the city leaders, refused to do a 45-minute online security awareness training. So, the city’s IT director cut him off from city email.

My comment:  this arrogant, self-important buffoon painted a target on himself, and will be hacked to pieces.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.