Weekend Update

Happy New Year!!

A quick Saturday digest of cybersecurity news articles from other sources.

Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble

Have you ever seen the message “An error occurred”? Even worse, the message “This error cannot occur”? Facts matter!

Security and Your Phone:  What the Risks Are and How to Stay Safe

A great article and infographic that explains the best ways to secure your smartphone.

Answer 4 Simple Questions To Avoid a Social Engineering Attack

Social engineering is a scam that attempts to have a person perform an action which is against their own self interests. It is a con. Usually, the action is to provide confidential information (e.g., login information) or to execute malicious trojan horse content.

Most social engineering attacks have four common traits, which if present, signal a far higher likelihood of a scam being involved. Asking and answering four questions can help you avoid becoming a victim. If they are present, you should go out of your way to confirm the request using an additional, more trusted method before performing any action.

Here is the flowchart of those questions:

CI/CD platforms: How to choose the right continuous integration and delivery system for your business

Continuous integration and delivery platforms are paramount to the success of your development team. These are the best CI/CD platforms to check out.

Conti ransomware is exploiting the Log4Shell vulnerability to the tune of millions

Log4Shell is a dangerous security concern — and now Conti, a prominent ransomware group, is exploiting it to attack vulnerable servers to extort millions of dollars.

Check for Log4j vulnerabilities with this simple-to-use script

If you’re not certain whether your Java project is free from Log4j vulnerabilities, you should try this easy-to-use scanning tool immediately.

10 Million Android Devices Have Been Infiltrated by GriftHorse Trojan Apps

Disguised as legitimate apps, the GriftHorse malware has found its way onto more than 10 million Android devices. Learn how to determine whether your phone is […]

The post 10 Million Android Devices Have Been Infiltrated by GriftHorse Trojan Apps appeared first on CHIPS.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.