Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Passcodes are protected by Fifth Amendment, says court

You do not have to give your passcode to the police.  The courts say it amounts to self-incrimination.  The government isn’t really after the password, after all; it’s after any potential evidence it protects. In other words: fishing expedition.


ST15-003: Before You Connect a New Computer to the Internet

12/15/2015 06:07 PM EST  Last revised: October 29, 2018

Because computers play such critical roles in our lives, and because we input and view so much personally identifiable information (PII) on them, it’s imperative to implement and maintain computer security. Strong computer security ensures safe processing and storage of our information.  Read the full article to receive all the valuable tips.


ST18-006: Website Security

11/01/2018 12:20 PM EDT  Original release date: November 01, 2018

Website security refers to the protection of personal and organizational public-facing websites from cyberattacks.  Cyberattacks against public-facing websites—regardless of size—are common.  Read this article for tips on securing yours.


Update now! WordPress sites vulnerable to WooCommerce plugin flaw

Researchers have published details of a dangerous flaw in the way the hugely popular WooCommerce plugin interacts with WordPress that could allow an attacker with access to a single account to take over an entire site.


[WordPress Security] Trends Emerging Following Vulnerability in WP GDPR Compliance Plugin

Wordfence Threat Intelligence Team has been monitoring attacks that are targeting the recently reported vulnerability in the WP GDPR Compliance plugin. To help developers, security operations staff and other defenders, we have published a technical post that describes the TTPs (tactics, techniques and procedures) and the IOCs (Indicators of Compromise) associated with the attackers.


VMware Releases Security Updates

11/09/2018 01:59 PM EST  Original release date: November 09, 2018

VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit these vulnerabilities to take control of an affected system.  NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0027 and apply the necessary updates.


Problems with VirtualBox, too.

A security researcher has published a zero-day flaw in a commonly-used virtual machine management system without notifying the vendor, justifying it with a scathing critique of the info-sec industry.


 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.