1. The BackupBuddy plugin needs to be updated as it has a critical flaw. 2. If one allows the pingback feature (which tries to notify the blog that a someone linked to it) or notifies another blog that got linked to. It is about a service that notifies when blogs link and get linked. If … Read more
It is September 5th, 2022 and probably as good a time as any to re-evaluate where we are with a general Attack versus Defense analysis: Attackers: Only need to find one problem in defense to overcome and take advantage of to breach a system or network. Once the system is found that can be overtaken … Read more
As written on their Blog (https://blog.lastpass.com) as of August 25th: “Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults. “ Essentially they found a developer machine … Read more
What is Vishing? Voice phishing, also known as vishing, is the practice of eliciting information or attempting to influence action via the telephone.(from hhs.gov site) Recently, a large U.S. company fell victim to a cyber attack that leveraged sophisticated phishing techniques involving phone calls to gain access to the victim organization. Phishing campaigns continue to … Read more
As per another Black Hat talk by a reporter: “IT industry guilty of ‘lack of imagination’ in failure to anticipate cyber-attack evolution” Kim Zetter gave a talk at BlackHat USA on August 11 about how the new attacks by cyber adversaries have caught the security community flat-footed. Zetter told Black Hat USA: “[Operation Aurora] was … Read more
