Byline: IoT is Everywhere – Your Security Should Be Too

Over a million new IoT devices are being connected to the internet daily. Experts predict that as many as 25 to 50 billon IoT devices and sensors will be deployed by 2020, for an average of 4.3 internet-connected devices for every man, woman and child on the planet. Consumer IoT devices Continue Reading

The next version of Joomla! is just around the corner

With over 700 improvements, including fantastic new features like custom fields, a multilingual association manager and an improved workflow, Joomla! 3.7 is clearly something to celebrate and it is easy to see why it has the Joomla! Community very excited. Here’s a quick look at the major new features* included Continue Reading

Microsoft Excel Files Increasingly Used To Spread Malware

Over the last few years we have received a number of emails with attached Word files that spread malware.  Now it seems that it is becoming more and more popular to spread malware using malicious Excel files. Lately, Fortinet has collected a number of email samples with Excel files attached Continue Reading

Did you order those iTunes movies? Nope, it’s just phishing for Canadian Apple users

Over the weekend, we encountered an interesting variation of a phishing email targeting Apple users. The email contained an alleged receipt for five movies purchased from the iTunes Store that was so detailed that the user who received it, and who knows better, still almost fell for the scam. Figure Continue Reading

Linux Gafgyt.B!tr Exploits Netcore Vulnerability

Over the past few months we have seen a lot of malware activity around the Netcore vulnerability, so we decided to take closer look at its exploitation. The following screen shot shows attack traffic captured through Wireshark. Figure 1 Figure 2 shows a quick enumeration of the sample. (There are Continue Reading

WordPress 4.7.1 Security and Maintenance Release

WordPress 4.7 has been downloaded over 10 million times since its release on December 6, 2016 and we are pleased to announce the immediate availability of WordPress 4.7.1. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7 and earlier are Continue Reading

2017 and the Internet: our predictions

An abbreviated version of this post originally appeared on TechCrunch Looking back over 2016, we saw the good and bad that comes with widespread use and abuse of the Internet. In both Gabon and Gambia, Internet connectivity was disrupted during elections. The contested election in Gambia started with an Internet Continue Reading

Byline: Is it Finally Time for Open Security?

One of the distinct advantages of working in the IT industry for over 35 years is all of the direct and indirect experience that brings, as well as the hindsight that comes with that. One of the more personally interesting experiences for me has been watching the growth and ultimate Continue Reading

WooCommerce Tax Rates Cross-Site Scripting Vulnerability

WooCommerce is a free eCommerce plugin for WordPress. It has been downloaded over 1 million times and over 30% of all online stores are now powered by WooCommerce. I recently discovered that WooCommerce is vulnerable to a cross-site scripting (XSS) attack. This XSS vulnerability is caused because the WooCommerce tax Continue Reading