Security Leftovers
A stress-free guide to keeping WordPress sites updated
We all know how important it is to keep WordPress sites updated. New updates provide the latest bug and security fixes against any nasties lurking on the web. But, more critically, an outdated site can also lead to poor performance, such as slow loading speed or an outdated look and feel.
Unfortunately, keeping your WordPress site up-to-date is not as easy as clicking a button. There are several components to consider, from theme to plugins to PHP. Even worse, updating too quickly can wreak another kind of havoc. Have you ever experienced the dreaded, "There has been a critical error on your website" warning after an innocent little update? I know I have, many times!
Here is a practical guide on what to look out for, as well as when and what to update, to ensure your WordPress site works well.
You need two accounts
During lockdown I’ve been helping friends and neighbors get set up for remote work or just remote calls. If someone is in a bind they use what they have in front of them, or what they’ve been told to use, so it’s been an interesting step back into the world of disloyal devices and horrid software.
But even if your choices are limited, there is one basic step you can take to protect your privacy: create another account. Now is as good a time as any to say, “Oh yeah, I’ve got a new account now.”
Compartmentalization
Compartmentalization is a basic security technique. You make some boxes, say “Critical” and “Trivial”, you sort things into those boxes, and you treat the boxes with different degrees of care. You might already have a folder at home for financial statements or tax invoices. At the office, you might mark and store “Confidential” documents separately.
Tor Project lays off a third of its staff
Electric Panda targets US government contractors. Apple and Google working on contact-tracing system. SFO websites compromised.
According to ESET, "The intent was to collect Windows credentials (username/NTLM hash) of visitors by exploiting an SMB feature and the file:// prefix....The targeted information was NOT the visitor's credentials to the compromised websites, but rather the visitor's own Windows credentials." ZDNet explains that "NTLM hashes can be cracked to obtain a cleartext version of a user's Windows password."
[Old] University Hospital Brno is used to test patients for coronavirus infections – cyberattack halts the operations [iophk: Windows TCO]
The second-largest hospital in the Czech Republic was hit by a massive cyberattack in the middle of the coronavirus outbreak. The incident happened on Friday night, which prompted the authorities to close down the entire IT network, majorly disrupting the operation in the facility – staff were told not to turn their computers back on. Patients who turned up at the hospital were diverted to other establishments while it is figured out how to make the systems running again.
Hospital computer system not fully restored after attack [iophk: Windows TCO]
The March 26 malware (malicious software) attack took down a number of functions at Meadville Medical Center from email to electronic medical records, the Meadville Tribune reported.
Czechs warn of imminent, large-scale cyberattacks on hospitals {iophk: Windows TCO]
The Czech Republic warned international allies on Thursday of a imminent wave of disruptive cyberattacks against the country’s hospitals and other parts of its critical infrastructure.
The country’s NUKIB cybersecurity watchdog said the attacks, designed to damage or destroy victims’ computers, were expected in coming days. Two officials with knowledge of the matter said they could begin as soon as Friday.
Czech cyber officials warn of serious threat to health care sector [iophk: Windows TCO]
The Czech advisory is the latest sign that, while the novel coronavirus has strained health care systems around the world, some malicious [attackers] are trying to exploit the additional vulnerability.
“This appears to be a serious and credible impending attack,” said Beau Woods, a cyber safety innovation fellow at the Atlantic Council. “Attacks against Central and Eastern European countries can be leading indicators of future attacks elsewhere. U.S. organizations would do well to take action now without waiting for adversaries to begin targeting them.”
[Old] Cyberattack on Czech hospital forces tech shutdown during coronavirus outbreak [iophk: Windows TCO]
Brno University Hospital is currently recovering capabilities, although it is not yet fully operational. For example, there are still no means of storing data, meaning that medics have to write and transfer their notes manually, which slows processes and potentially endangers lives.
Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic [iophk: Windows TCO]
According to the researchers, the campaign began with malicious emails sent from a spoofed address mimicking the World Health Organization (noreply@who[.]int) that were sent to a number of individuals associated with the healthcare organization that's actively involved in COVID-19 response efforts.
The email lures contained a rich text format (RTF) document named "20200323-sitrep-63-covid-19.doc," which, when opened, attempted to deliver EDA2 ransomware by exploiting a known buffer overflow vulnerability (CVE-2012-0158) in Microsoft's ListView / TreeView ActiveX controls in MSCOMCTL.OCX library.
How to delete Zoom from smartphone, PC
All of this including various other security concerns that have been raised have made doubts creep into the minds of its users who are now scared of using the platform. Many have even shifted to using different apps like Skype, Hangouts and more. If you have shifted to using a different app and do not want to use Zoom anymore, here’s how you can remove it completely from your device.
