Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Social Warfare WordPress Plugin Zero-Day: Details and Attack Data

In our earlier post, we issued a warning to users of the Social Warfare plugin regarding a zero-day vulnerability affecting their sites. At this time, the plugin’s developers have issued a patch for the flaw. All users are urged to update to version 3.5.3 immediately.

John Oliver bombards the FCC with anti-robocall robocall campaign

The Last Week Tonight host launched an anti-robocalling robocalling campaign to force the FCC to put a stop to the pervasive, irritating calls.

FTC says taxpayer voice phishing scams are up nearly 20x

The real Social Security people will never call to threaten your benefits or tell you to wire money, send cash, or put money on gift cards.

Estonia’s Volunteer Cyber Militia

Estonia’s volunteer cyber-defense militia is offering advice to the US and Europe about preparing a civilian militia for defending against cyber-war.

Estonia’s militia of amateur IT workers, economists, lawyers, and other white-hat types are grouped in the city of Tartu, about 65 miles from the Russian border, and in the capital, Tallinn, about twice as far from it. The volunteers, who’ve inspired a handful of similar operations around the world, are readying themselves to defend against the kind of sustained digital attack that could cause mass service outages at hospitals, banks, and military bases, and with other critical operations, including voting systems. Officially, the team is part of Estonia’s 26,000-strong national guard, the Defense League.

Now Available: Recording of Chinese Malicious Cyber Activity Briefing

03/19/2019 01:03 PM EDT  The Cybersecurity and Infrastructure Security Agency (CISA) has posted the February 14, 2019, Awareness Briefing on Chinese Malicious Cyber Activity. This webinar provides background and mitigation techniques on Chinese malicious cyber activity targeting managed service providers (MSPs).

CISA encourages MSPs and their customers to view the February 14, 2019, Awareness Briefing on Chinese Malicious Cyber Activity and to review the page on Chinese Malicious Cyber Activity for more information.

Microsoft Ending Support for Windows 7

03/19/2019 02:14 PM EDT – All software products have a life-cycle. After January 14, 2020, Microsoft will no longer provide security updates or support for PCs running the Windows 7 operating system. After this date, this product will no longer receive free:

•         Technical support for any issues
•         Software updates
•         Security updates or fixes

Computers running the Windows 7 operating system will continue to work even after support ends. However, using unsupported software may increase the risks from viruses and other security threats.  (Personal note – this is my favorite operating system of all time, regardless of platform.  Gonna miss you, sweet Seven)

Insider Threat – Sacked IT guy annihilates 23 of his ex-employer’s AWS servers

He was fired after four weeks, ripped off the credentials of former colleague “Speedy”, and will be mulling it all over for two years in jail.



About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an information technology and cybersecurity instructor for several training and certification organizations. Bob has worked in corporate, military, government, and workforce development training environments Bob is a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.