Naturally, I am a loyal WordPress user as I and millions of others use the platform regularly. With World Cup fever the past few weeks (except the USA), it’s no surprise that botnets and spammers have taken advantage of the opportunity to push advertising and traffic revenue through unsolicited comment links.
I haven’t seen the issue pop up on my two blogs, but perhaps WP’s spam filter is doing a bang up job.
I hope you all had a great Fourth of July. I’m sure many of you are taking extra time off. Enjoy it!
I took a longer hiatus than I expected. As noted on my other blog, I was away due to health issues and needed to take a break. Prior to that was a bunch of school-related events, so it has been over a month since my last post. I’m looking forward to writing about tech, code, and security in more detail again soon (along with the python training I’ve doing the past year). There is so much to catch up on and I’m behind.
Alas, I do have a couple of doozies to share for tonight:
https://www.bleepingcomputer.com/news/security/all-radio-427-portable-cant-be-removed-then-your-pc-is-severely-infected/ (Miner, trojan, rootkit, and spammer all in one!)
My son’s school had their annual field trip to Knott’s Berry Farm and therefore taking a break on writing tonight. Back next week!
As we learned the beginning of this year, securing our computers has become a more difficult and murky process.
Recently, additional security flaws found in Intel processors were discovered by Google’s Project Zero. These new flaws are called “Spectre Next Generation” or “Spectre NG.” Four of the flaws are considered “high risk” whereas the rest are considered “medium.”
Additional architectures and chipsets, such as ARM or from AMD respectively, are still being investigated for similar flaws.
Chipset security is going to be a rollercoaster ride for the coming years as we come to grips with a design and market history of raw performance over security concerns.
Maintaining strong security on any publicly accessible platform is incredibly difficult. Sometimes it’s just a matter of human error and bugs that expose sensitive user data. Case in point, Twitter noticed that user passwords were stored in plain text in a user log (I’ve seen a similar bug happen first-hand in my last job). Therefore, they highly advise changing existing passwords, even though no evidence of a breach was discovered.
I went ahead and changed mines today. It’s a sound idea.
Last week was the RSA Conference and my company, like any other company in cybersecurity, attempted to make a splash and its presence known. Of course, in vying for attention and being “in the know,” industry buzzwords were getting through out like free sessions of “Mario Kart.” Case in point: