Update This WordPress Plugin Immediately To Prevent Security Risks

Do you have a WordPress site?  Do you use the PHP Everywhere plugin? If so, you’re not alone.  More than 30,000 site owners have installed it.  It’s an excellent plugin that dramatically enhances websites using it, because it allows webmasters to place PHP pretty much anywhere on the page to display dynamic web content. Wordfence is a global team of WordPress …

Hackers Are Setting Their Sights On Linux Systems

For most of the history of the internet Linux has been able to stay below the radar of hackers around the world. While there have been some attacks that specifically targeted Linux users, they’ve managed to keep a low enough profile that it hasn’t been a major issue. According to a group of researchers from VMware, that appears to be …

Hackers Are Breaking Into Microsoft Teams And Dropping Malware

Researchers at Avanan are a Check Point subsidiary. They have recently issued a warning that anyone who uses Microsoft Teams should be aware of. According to the latest statistics, more than 270 million people use Teams every single month. According to Avanan, hackers are breaking into Team chats and attaching malicious files to ongoing conversations.  By all outward appearances the …

This Plugin Could Put Your WordPress Site At Risk

The WP HTML Mail plugin has been installed on more than 20,000 websites. If you’ve built a WordPress site for your business and you use that plugin,  be aware that you are at risk.  A high severity security flaw was recently discovered in the plugin that could allow an attacker to perform a code injection style attack that allows the …

FTC Enforcing That Businesses Patch Log4j Java Security Issue

By now you’re almost certainly aware of the Log4j Java issue. It’s a serious and fixable flaw relating to java logging. Recently the United States Federal Trade Commission (FTC) has issued a chilling warning to anyone who hasn’t yet fixed the flaw and protected against the vulnerability. The FTC’s statement reads in part as follows: “The FTC intends to use …

Update Your All In One SEO Plugin For Security Patch

Do you own and operate a WordPress website?  Do you also use the “All in One” SEO plugin? If you answered yes to both of those questions, then be aware that you’ll want to update that plugin as soon as possible. Recently security researcher Marc Montpas from Automattic Security discovered and reported a pair of critical security flaws. These flaws …

Large GoDaddy Data Breach Involves WordPress Customer Email Adresses

Are you a GoDaddy customer? Do you maintain a WordPress blog with the company? If so be advised that the company recently announced a breach of their network. An as yet unidentified third party accessed GoDaddy’s Managed WordPress hosting environment. Based on the investigation to date the intrusion began on September 6, 2021. While taking advantage of a vulnerability the …

Microsoft Windows 7 And 8 OneDrive Support Is Ending

Are you a OneDrive user running Windows 7, Windows 8, or Windows 8.1? If so be aware that on January 1st, 2022 your OneDrive desktop application will reach end of support. The company offered the following by way of explanation: “In order to focus resources on new technologies and operating systems and to provide users with the most up-to-date and …

Warn Your Employees About The New DocuSign Phishing Campaign

Phishing attacks tend to focus on executive level targets. They focus on high ranking targets who have considerable system access. That appears to be changing. A recent trend tracked by researchers from Avanan has revealed that nearly half of all phishing emails analyzed in recent months were crafted to impersonate non-executives. Additionally more than three quarters of them (77 percent) …

Wire Fraud Defense

Defending Against Wire Fraud

CEO Fraud. Business Email Compromise. Spear phishing. Wire Fraud. Pretexting. This cyberattack goes by a variety of names and may utilize a wide range of tactics, but they all come down to one thing: a malicious outsider pretends to be a legitimate boss in order to trick an unsuspecting employee into doing something they shouldn’t. Last year the scam cost …