A new book uncovers the intricacies of Paul Le Roux’s cartel and how it fueled the opioid epidemic ravaging the U.S. today. This fascinating story is covered in detail on the Smithsonian website. Or read Evan Ratliff’s new book The Mastermind. I did, and the story is fascinating.
Anyone could have accessed the entire database, including a child’s location, on Gator watches and other models that share its back end.
A friend was sent this email and he forwarded it to me. It’s a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection devices, because it’s entirely legit by using the DocuSign infrastructure. Prime example of an info grabbing phish that does not use a malicious payload.
They are definitely out there. I wrote about this three weeks ago, and a few days ago, in my voicemail, was part of an automated robocall from scammers claiming to be from the Social Security Administration. Here is the transcription of the call. These are all CRAP and totally bogus. Do not fall for them.
Taking your name and your Social Security number, the issue at hand is very time sensitive the very second you receive this message. I need you to return the call as soon as possible on my department number, which is +1-240-390-7683. I repeat, it’s +1-240-390-7683. If I don’t receive your call, your social security number will be suspended (funny!) to avoid all legal consequences. Call me and so on as possible because this is your last chance for the resultant of this serious case. Again, this message is for you. And this is Officer Lisa Williams from Social Security Administration. Goodbye, and have a blessed day.
Ever fat-finger (mistype) a web address and end up on a Russian porn site? Or clicked on a near-miss URL (typo-squatting) in a phishing email and end up on a illegal prescription drug website? Chrome has a new feature that advises when you may be going to the wrong website.
Multiple Vulnerabilities in WordPress Could Allow for Remote Code Execution
OVERVIEW: Multiple vulnerabilities have been discovered in WordPress, the most severe of which could allow a WordPress author to execute code remotely on the underlying server. WordPress is a web-based publishing application implemented in PHP. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution with privileges of the affected application.
THREAT INTELLIGENCE: A Proof-of-Concept has been developed by the researchers who discovered this vulnerability to demonstrate the issues.
SYSTEMS AFFECTED: WordPress 5 versions prior to 5.0.1 and WordPress 4 versions prior to 4.9.9
Upgrade your WordPress version to 5.0.3