Getting Hacked – It’s A Daily Thing! Be Vigilant.
From Chrome’s new font malware to an 11-year old Linux flaw, to almost daily WordPress hacks, and a huge web leak from Cloudflare with some six million customers — it’s getting increasingly hard to be you these days, or your IT guys, for that matter!
Massive Cloudflare bug may have leaked user data from millions of sites. While the company is said to have acted quickly to mitigate, issues remain. More at Wired
WordPress Sites are experiencing dramatically increased intrusions including those associated with the “REST API.” The recent 4.7.2 fixed four important updates, but millions of sites remain unpatched. Thousands upon thousands of vulnerable website have already been defaced or hacked with ongoing problems. Attackers can – and do — modify or delete page and post content as well as execute malicious code. So a word to the wise: if you haven’t updated your WP site to the latest version, do it now!
Vulnerable plug-ins are another huge issue. A simplified discussion and solutions can be found at WP Beginner that also discusses two recommended WP security solutions. In addition, the online WPScan Vulnerability Database is a browsable version of WPScan’s data files which are used to detect known WordPress core, plugin and theme vulnerabilities.
Recent Chrome vulnerabilities include the “missing font” malware that realistically encourages you to download the font then installs malware. In a word, don’t!
Also, Make sure you are using the latest version of Cisco’s WebEx Chrome extension a popular business tool. The flaw is said to be especially serious, so check your version under Settings-Extensions. If it is less than the newest 1.05, delete the extension and reinstall the newest version.
LINUX Serious, unnoticed flaw in Linux kernel. The “double-free” bug in the Linux kernel has been or is in the process of being patched by CoreOS, RedHat, Canonical, Debian and other Linux distributions. The bug allows attackers to execute malicious code in the kernel. Linux users should stay alert. You can read more at ZDNET
MWC More Than Phones?
The Mobile World Congress may be noted this year more for what it’s not and, perhaps, where it’s headed.
As smartphones become more of a commodity, MWC will be noted for those that mean to make waves on their own terms and later in the year: Apple’s iPhone, Samsung’s Galaxy, Google’s Pixel, and the little company that’s flexing its muscle with the OnePlus.
This year the excitement at MWC includes a healthy showing of VR and AI devices, IoT devices, and oh, yes, phones, other than the ones we mentioned.
Google’s Updated Browser Gets A Healthy Speed Boost
Have you noticed a little wind in your face using your Chrome Browser? The most popular Browser of them all just got about 28% speedier. The latest version of Chrome is said to be considerably faster by modifying reload behavior for reduced latency, power and data usage.
Windows “As A Service”
Means IT Headaches
IT folks are grumbling, and for good reason according to ZDNET. Aggressive upgrade cycles with an all or nothing deployment and no familiar “service packs,” mean IT Pros face increased deployment, servicing and learning issues. ZDNET has an in-depth overview of the IT Dilemma.