Short quick, news post this week. Not a terribly busy week in terms of news.
- First, some not so good news for WordPress as a new vulnerability has resulted in a breach of about 1.5 million WordPress sites. This unauthenticated privilege escalation vulnerability in a REST API endpoint was patched in 4.7.2 update but a number of sites are still vulnerable as not all users have installed the new version.
- Read More @ https://threatpost.com/1-5m-unpatched-wordpress-sites-hacked-following-vulnerability-disclosure/123691/
- A Russian hacker who stole money from thousands of bank accounts was arrested in LA. Alexander Tverdokhlebov is said to be a well connected hacker and has extensive connections to the Russian cybercriminal underground. As a result, he is being held while he awaits trial.
- Read More @ http://www.darkreading.com/attacks-breaches/alleged-russian-hacker-with-ties-to-notorious-cybercriminals-arrested-in-la/d/d-id/1328121
- Lastly, an article that suggests some of the top security certifications to have. Interesting read, though I can’t say I agree really. Aside from the SANS GSEC cert I pretty much don’t really hold much respect for any of the other certifications listed here, so needless to say my personal list would look quite a bit different from this.
- Read More @ http://resources.infosecinstitute.com/7-top-security-certifications-you-should-have/