Happy New Year!!
A quick Saturday digest of cybersecurity news articles from other sources.
Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble
Have you ever seen the message “An error occurred”? Even worse, the message “This error cannot occur”? Facts matter!
Security and Your Phone: What the Risks Are and How to Stay Safe
A great article and infographic that explains the best ways to secure your smartphone.
Answer 4 Simple Questions To Avoid a Social Engineering Attack
Social engineering is a scam that attempts to have a person perform an action which is against their own self interests. It is a con. Usually, the action is to provide confidential information (e.g., login information) or to execute malicious trojan horse content.
Most social engineering attacks have four common traits, which if present, signal a far higher likelihood of a scam being involved. Asking and answering four questions can help you avoid becoming a victim. If they are present, you should go out of your way to confirm the request using an additional, more trusted method before performing any action.
Here is the flowchart of those questions:
https://blog.knowbe4.com/answer-4-questions-to-avoid-a-social-engineering-attack
CI/CD platforms: How to choose the right continuous integration and delivery system for your business
Continuous integration and delivery platforms are paramount to the success of your development team. These are the best CI/CD platforms to check out.
Conti ransomware is exploiting the Log4Shell vulnerability to the tune of millions
Log4Shell is a dangerous security concern — and now Conti, a prominent ransomware group, is exploiting it to attack vulnerable servers to extort millions of dollars.
Check for Log4j vulnerabilities with this simple-to-use script
If you’re not certain whether your Java project is free from Log4j vulnerabilities, you should try this easy-to-use scanning tool immediately.
10 Million Android Devices Have Been Infiltrated by GriftHorse Trojan Apps
Disguised as legitimate apps, the GriftHorse malware has found its way onto more than 10 million Android devices. Learn how to determine whether your phone is […]
The post 10 Million Android Devices Have Been Infiltrated by GriftHorse Trojan Apps appeared first on CHIPS.
Share
JAN
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com