The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Attackers tried to insert backdoor into PHP source code (Help Net Security, Mar 29 2021) The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. What
A Review of the Best News of the Week on Cybersecurity Management & Strategy Double-Extortion Ransomware Attacks Surged in 2020 (Infosecurity Magazine, Mar 30 2021) 15 ransomware families were observed using double-extortion tactics last year, compared to just one in 2019 Tim Callahan: ‘CISOs must voluntarily be part of the
A Review of the Best News of the Week on Identity Management & Web Fraud The war against the virus also fueling a war against fraud (Help Net, Mar 26 2021) TransUnion’s latest analysis of global online fraud trends found that since the COVID-19 pandemic began, fraudsters are increasing their
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Severe Flaws in Official ‘Facebook for WordPress’ Plugin (SecurityWeek, Mar 26 2021) A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according
A Review of the Best News of the Week on AI, IoT, & Mobile Security T-Mobile, Verizon, AT&T Stop SMS Hijacks After Motherboard Investigation (VICE, Mar 25 2021) All the mobile carriers have mitigated a major SMS security loophole that allowed a hacker to hijack text messages for just $16.
A Review of the Best News of the Week on Cyber Threats & Defense Attackers tried to insert backdoor into PHP source code (Help Net Security, Mar 29 2021) The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers.
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Microsoft One-Click Tool Mitigates Exchange Server Attacks (Infosecurity Magazine, Mar 16 2021) Tool designed for customers without dedicated IT or cybersecurity resource 2. Exploiting Spectre Over the Internet (Schneier on Security, Mar 18 2021) “Google has demonstrated
A Review of the Best News of the Week on Cybersecurity Management & Strategy Acer Reportedly Hit With $50M Ransomware Attack (Dark Reading:, Mar 22 2021) Reports say a ransomware gang has given Acer until March 28 to pay, or it will double the ransom amount. Why SASE matters and
A Review of the Best News of the Week on Identity Management & Web Fraud Details of a Computer Banking Scam (Schneier on Security, Mar 22 2021) “This is a longish video that describes a profitable computer banking scam that’s run out of call centers in places like India. There’s