New Report Shows WordPress To Be The Most Hacked CMS On The Web
zdnet.com- Author: Catalin Cimpanu - Date: March 5th, 2019
Due to its popularity as the most used CMS on the web, it is no surprise that Wordpress has been reported to be the most hacked CMS on the web as well. Security vendor Sucuri published a report stating that 90 percent of hacked CMS sites are running some version of WordPress. The reasons for why WordPress sites are often hacked are mostly due to server/site misconfigurations, outdated plugins, and overall lack of site maintenance from site administrators.
W3C’s New Standard For Web Authentication Uses Physical Hardware For Authentication
theverge.com- Author: Jon Porter - Date: March 4th, 2019
This week the World Wide Web Consortium, or W3C for short, has begun to put in place a new authentication standard that would replace the older convention of using passwords for authentication and instead, use physical hardware for authentication. WebAuthn (short for web authentication) is an API that allows websites to communicate with a physical device to allow users to log in to their accounts. The types of physical devices range from a FIDO security key that can plug into the computer via the USB port or a biometric device.
Update Your Google Chrome Browser To 72.0.3626.121 Immediately
nakedsecurity.sophos.com.com- Author: Paul Ducklin - Date: March 6th, 2019
If you use Google Chrome as your browser of choice it is highly imperative that you upgrade your chrome to version 72.0.3626.121. If you use Google Chrome as your browser of choice it is highly imperative that you upgrade your chrome to version 72.0.3626.121. To check if you are running this version simple type the following into the address bar in your chrome browser: chrome://settings/help. Doing so will not only display which version of Chrome you are using but it will also perform an update check and provide an easy way to update to the latest version of chrome that applies this important security update. The vulnerability would, in theory, allow bad actors to perform remote code execution attacks on victims’ machines
NSA Tool For Reverse Engineering Released As Open Source
wired.com - Author: Lily Hay Newman - Date: March 5th, 2019
At the RSA security conference in San Francisco, the NSA demonstrated a Ghirda, a reverse engineering tool that they use internally at their organization. It was also announced that they would make the tool open source. Although the intent behind this decision is to allow security researchers in the United States to further understand how malicious and non-malicious pieces of software work it will no doubt be used worldwide outside the U.S.
‘Swiper no Swiping!’ A Seemingly Harmless Fox Runs Off With a Man’s Wallet
Newsflare - Date: February 25th, 2019
In this week’s Security Treat of The Week, we see a man calling over to a fox in the street in order to get a good shot of it in his phone shot video. Little did he know that this interaction would go south very quickly.
After calling for the fox, it cautiously approaches the man as it makes its way to his bag on the floor. The fox then sees a shiny black wallet sticking out from the bag and without hesitation swipes it and takes off!
In the remaining seconds of the video, we see the man chasing after the fox throughout the town not being able to catch up with it. We will never know from the video if the man ever got his wallet back, but we can only hope that he did.
Click on the link below to watch the full video!