WyzGuys Tech Talk

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

CISSP and Security+ Cybersecurity Classes at RCTC Starting Soon

CISSP Certified Information Systems Security Exam Prep – NEW!

Accelerate your cybersecurity career with the world’s premier cybersecurity certification – the Certified Information Systems Security Professional (CISSP). The CISSP certification was created to ensure professionals in computer security have standardized knowledge of the field. Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program and will help you advance your career as a computer security professional. Our state-of-the-art hybrid course pairs interactive online modules with 11 weeks of virtual instructor-led sessions, for a comprehensive CISSP exam prep program.

W, 9/21-12/7, 6-9pm| 11 weeks | $2999 | Instructor: Bob Weiss | Register by: 9/7

Download PDF


CompTIA(r) Security+ Certification Prep – NEW!

Looking to launch a career in the IT field? The CompTIA(r) Security+ Certification is the industry standard for establishing a career in security and is the preferred qualifying credential for early career cybersecurity professionals. Our expert-led, 48-hour live online course will prepare you to pass the CompTIA(r) Security+ Exam and receive certification.  We’ll cover various IT security topics such as cryptography and access control, as well as topics in the business-related IT subfields of risk management and disaster recovery. Learn everything you need to know to pass your CompTIA(r) Security+ Exam!

M & Th, 9/19-11/10, 6-9pm| 8 weeks | $1999 | Instructor: Bob Weiss | Register by: 9/5

Download PDF


Link to register for either class:


Scam Centers, Trafficking Victims Are Being Forced to Steal Billions

Thousands of imprisoned and abused workers are propping up Southeast Asia’s ‘pig butchering’ industry, an online fraud emptying bank accounts across the world.

Here you go – seven thoughtful cybersecurity tips to help you travel safely… We decided to answer the most common travel questions that people either [a] worry about instead of informing themselves before they set off, or [b] don’t think about at all until it’s too late.  Here you are – have fun, but travel safely!  More…

Attackers scan 1.6 million WordPress sites for vulnerable plugin

Security researchers have detected a massive campaign that scanned close to 1.6 million WordPress sites for the presence of a vulnerable plugin that allows uploading files without authentication.

The attackers are targeting the Kaswara Modern WPBakery Page Builder, which has been abandoned by its author before receiving a patch for a critical severity flaw tracked as CVE-2021-24284.

The vulnerability would allow an unauthenticated attacker to inject malicious Javascript to sites using any version of the plugin and perform actions like uploading and deleting files, which could lead to complete takeover of the site.  More…

Why 8kun Went Offline During the January 6 Hearings

By Brian Krebs
July 15, 2022
[Bob says, This to me seems like a suppression of free speech.  Even if the speaker is wrong, they still have a right to expression under the First Amendment]

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun[.]top and TheDonald[.]win in helping to organize and galvanize supporters who responded to former President Trump’s invitation to “be wild” in Washington, D.C. on that chaotic day. At the same time the committee was hearing video testimony from 8kun founder Jim Watkins, 8kun and a slew of similar websites were suddenly yanked offline. Watkins suggested the outage was somehow related to the work of the committee, but the truth is KrebsOnSecurity was responsible and the timing was pure coincidence.

Why North Korean cybercriminals are targeting businesses with ransomware

Microsoft says a ransomware gang calling itself H0lyGh0st may be sponsored by the North Korean government as a way for the country to offset its struggling economy.

Ransomware attacks are typically staged by private criminal groups to make money through victimizing vulnerable organizations. But what happens when a hostile nation-state sponsors that same tactic? A new report by the Microsoft Threat Intelligence Center examines a series of ransomware attacks with ties to North Korea.

Since June of 2021, a cybercriminal group dubbed DEV-0530 by Microsoft but calling itself H0lyGh0st has launched ransomware attacks primarily against small and mid-sized businesses across different countries. The gang encrypts sensitive files on a compromised system, sends the victim a sample file as proof of the attack and then demands payment in the form of Bitcoin to decrypt the data. If the ransom is paid, the files presumably are restored. If not, the group threatens to send the data to customers of the victim or publish them on social media.  More…



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.