A selection of this week’s more interesting vulnerability disclosures and cyber security news. Big news out this week of a serious chained fault on WordPress. If you are running WooCommerce then you had better dive in and check this article to make sure you are not exposed:
A couple of weeks back I mentioned a curious phase of targeting publishers for some unknown reason. Well, I wonder if they were really aiming for this:
Ahhhhh…. Takes me back….. I remember my first exposure to security threats was back in 1989-90 when Cascade and Vienna viruses were spreading. I was working at a publisher and we thought it would be advantageous to try out the Norton Antivirus thing, just a precaution though, we should be safe, we were on an isolated network….. Oh dear. Riddled. Everywhere. Cleaned up with minimal affected machines thankfully:
The other stuff you can take a look at…
- Adobe ColdFusion servers under attack from APT group
- Top Australia Defence company Austal notifies a serious security breach
- Apache Struts Warns Users of Two-Year-Old Vulnerability Users must update their vulnerable libraries manually.
- Cyber-crooks think small biz is easy prey. Here”s a simple checklist to avoid becoming an easy victim (The Register)
- Dutch cops hope to cuff “hundreds” of suspects after snatching server, snooping on 250,000+ encrypted chat texts
- GDPR USA – “A year ago, hell no … More people are open to it now” House Rep says EU-like law may be mulled (The Register)
- SMBs: We don”t want to spoil all of this article, but have you patched, taken away admin rights, made backups yet?
- Web domain owners paid EasyDNS to cloak their contact info from sight. It was blabbed via public Whois anyway