Active Wordpress Malware Takes Over Thousands of Sites [link]
Our first article is about how a new malware campaign, named Active VisitorTracker has taken over thousands (+6,000) of sites and redirecting visitors to some nasty malware. Sucuri, which provides a security plugin for Wordpress as well as a website scanner, has been tracking this malware for a couple of weeks. The name came from the function that is used to redirect users, visitorTracker_isMob().
Once a site is infected, this function will be copied into all the Javascript files for the site to redirect the visitors to another website that is hosting the Nuclear Exploit Kit. The malware is spreading to sites that are using outdated plugins. For any web masters out there, make sure you are updating your sites and plugins quickly to avoid becoming an infection center and harming your visitors!
AVG to Sell Your Web History [link]
TheWired.co.uk published a story that AVG's new privacy policy will allow AVG to sell customer's web history to third parties! While previous versions of their policy said it could sell the terms you search for, it is now going to be selling your browser history. The Chief Executive of Think Privacy, Alexander Hanff is calling AVG spyware for doing this, say that it's total abuse of the trust given to security software.
In AVG's defense, they say that this is what they have to do to continue to provide free software. I do side on AVG with that. With our push on free software, companies have been forced to do things that we don't like. The good thing is that this policy doesn't take effect until Oct 15, so you have time to move away from their product if you choose to. Might be time to pay for some software that won't spy on you.
Cybersecurity's Human Factor [link]
The U.S. military is shaping up to be a security powerhouse. It repelled over 30 million malicious attacks between September 2014 to June 2015. Breaking that down, that's almost 100,000 attacks a day. What they have found to be the biggest factor in security risk is human error. Admiral Hyman Rickover, who is the Father of the Nuclear Navy, stressed six character traits to contain human error.
- Integrity, to own up to mistakes made immediately.
- Depth of Knowledge, knowing a system enough to know when something is wrong.
- Procedural Compliance, know procedures and follow them to the letter.
- Forceful Backup, any high risk task is performed by two people.
- A Questioning Attitude, questioning an anomaly.
- Formality in Communication, providing clear instructions.
The article itself goes into quite a bit more depth about how the U.S. military is finding ways to strengthen the weakest link of it's network, and there are even tips for CEO's to consider.
This quickie was a bit lengthy, but I wanted to hit the high points and then you can always visit the articles in full later, as there is a lot of good info to digest. Have a great week, and as always, stay safe goblins!
0 comments:
Post a Comment