Tag Archives: Cyber-Security

Hackers exploit critical vulnerability found in 100,000 WordPress sites

by Dan Goodin, ARS Technica – 

Flaw in ThemeGrill plugin lets attackers wipe sites clean and possibly take them over.

Hackers are actively exploiting a critical WordPress plugin vulnerability that allows them to completely wipe all website databases and, in some cases, seize complete control of affected sites.

Continue reading Hackers exploit critical vulnerability found in 100,000 WordPress sites

What your security scientists can learn from your data scientists to improve cybersecurity

by Michael Schiebel, TechCrunch

Security remains one of the top unresolved challenges for businesses. Billions of dollars have been spent on security technology over the last 30 years, yet hackers seem to be more successful than ever. Every organization is now under extreme threat, all the time.

Today, hacking is a much more complex art than it used to be: It no longer only involves just scanning and penetrating the network via a vulnerability. Yet the traditional security tools used by most companies are often inadequate because they still focus on this, ignoring what is now a very complex post-compromise chain of events. Continue reading What your security scientists can learn from your data scientists to improve cybersecurity

Hacking group uses Google services to control malware

by Sead Fadilpasic, betanews

Carbanak, a powerful cyber-crime group, is using certain Google services as command and control for its malware and other malicious elements. The news was released by cybersecurity firm Forcepoint this week.

Forcepoint uncovered a trojanized RTF document, which, once ran, will “send and receive commands to and from Google Apps Script, Google Sheets, and Google Forms services.” Continue reading Hacking group uses Google services to control malware

The most common and worse password of 2016 ‘123456’

by Jigar, News In Bits

A leading cyber security company has released a list of worst passwords of 2016. ‘123456’ has topped the list. 17% of people use 123456 no wonder this was the same worse password as last year, due to a rapid growth of information and technology password is very tough to select for so many accounts like we hear this from childhood that ‘keep your password different from another accounts’.

On August 31, 2014, a collection of almost 500 private pictures of various celebrities, mostly women, and with much-containing nudity, were posted on the image board 4chan, and later disseminated by other users on websites and social networks such as Imgur and Reddit. The event, which media outlets and Internet users referred to under names such as “The Fappening”. Continue reading The most common and worse password of 2016 ‘123456’

‘Zero Trust’: The Way Forward in Cybersecurity

by John Kindervag, Dark Reading

This approach to network design can cut the chance of a breach

Data breaches are all over the news. Yahoo admitted that at least 500 million user accounts were affected by a 2014 cybersecurity breach. The 2016 election season was filled with revelations gleaned from stolen emails. The Justice Department, Internal Revenue Service, the US Navy, and Snapchat all suffered breaches in 2016. The list seems endless. Most significant, however, were the 2015 breaches of the Office of Personnel Management (OPM), which experienced two separate cybersecurity incidents that resulted in stolen personnel files of almost 22 million people who had undergone background investigations. Continue reading ‘Zero Trust’: The Way Forward in Cybersecurity