By Waqas
ExpressVPN’s study on the most common passwords around the world showed that 42% of people use their first name in their passwords, while 43% of them use their birth date.
This is a post from HackRead.com Read the original post: Study shows that 42% of people use their names in passwords

Password theft can make life significantly more difficult. Aside from benign major hassle, compromised passwords can easily lead to identity theft and cause serious legal issues. Therefore, it is worth paying attention to the strength of your passwords and changing them regularly or, at the latest, when you suspect your accounts have been compromised.

ExpressVPN’s study on the most common passwords around the world showed that 42% of people use their first name in their passwords, while 43% of them use their birth date. Since this information is easily traceable on social media, your accounts can be more prone to hacking attacks.

**How can someone find out my password?**

A compromised password allows unauthorized people to log into your accounts. Password compromise is usually not your fault; your data is not directly compromised on a specific computer. There’s no reason to automatically assume that an attacker has accessed or hacked your computer and is still watching it (these thoughts are only appropriate if you find that multiple passwords have been compromised in a relatively short period of time).

The most common reason is the theft of user’s personal data from various services. It is also conceivable that attackers could hack and obtain a database of users of a certain service (a so-called “Breach”) and then publish it. The password is then sold on the black market and can in fact be read by anyone. 

**How to protect yourself****Checking for fraudulent use**

You can easily check your password online. Take a look at the publicly available tools that can do this. Most of them work automatically and can send an alert when you enter your email address if they detect a leak or incident (containing your email address or password) as mentioned above.

The best-known monitoring tool is ”have I been pwned”. Here, after entering your email address, you can see which services or providers have been hacked and which user accounts have been compromised. If your account is listed, consider your password hacked and change it urgently. It is clear which one it is by looking at your password, even if it is not naturally displayed.

You can type the password directly into the Pwned Passwords tool (instead of looking for the associated email). The result is a notification of whether the password was part of a data breach and how many times it happened. The database contains over 613 million compromised passwords that have previously been proven to have been stolen.

Other password compromise checking services:

*   F-Secure
*   Firefox Monitor
*   Chrome browser
*   Avast Hack Check
*   Mirkat for Lenovo

**Discover weak and duplicated passwords at the administrator or keychain**

Password compromise detection or password weakness alerts should be available in any decent password manager. We’ve already covered them in our magazine, and you can find the best-known ones in a dedicated password managers section.

On some systems, passwords are stored in keychains that support the features mentioned above; for example, on iOS (iPhone) and macOS, the keychain warns if a password is weak or repeated across multiple services. Since iOS 14 and macOS Big Sur, the keychain can also keep track of compromised passwords. If your saved password has an exclamation mark icon next to it, you should change it right away.

1.  List of 2020’s most used passwords is here and it’s appalling
2.  Revealed: The 200 Most used and Worst Passwords of 2021
3.  Chrome on Android will alert, fix your compromised password
4.  Psst! tool by 1Password lets users share passwords using a link
5.  Nissan source code leaked, it used “admin” as username, password

**Use a password manager**

The average internet user uses so many services and apps that if they had to use unique passwords for each one, they would not be able to remember them. So, if you don’t want to give up security completely and use a single password, we recommend using a password manager.

Password managers may even suggest strong passwords, which is something to consider. Password suggestions are also built into some browsers or password manager plug-ins allow this feature. Artificial intelligence can judge better than the user what is a suitable and strong password.

The default setting for cloud-based password managers is to log in with 2FA. If you use a password manager on your phone, it usually has biometrics – fingerprint or facial recognition. This adds another layer of security to password access.

**Ustwo-factor authentication**

We regularly cover two-factor authentication (2FA) in our magazine, so the term is certainly not new to you. Simply put, 2FA adds an extra layer of protection to your login, so a simple password is no longer enough. To log in, you will still need to enter a one-time password (OTP), which is generated separately on the device you have. This is usually an app on your smartphone that shows you an OTP password for each “paired” service, which is valid for a very short period.

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Study shows that 42% of people use their names in passwords

Languages such as C and C++ rely too heavily on the programmer not making simple memory-related security errors.

Security analysts welcomed a recommendation from the US National Security Agency (NSA) last week for software developers to consider adopting languages, such as C#, Go, Java, Ruby, Rust, and Swift, that reduce memory-related vulnerabilities in code.

The NSA described these as "memory-safe" languages that manage memory automatically as part of the computer language. They do not rely on the programmer to implement memory security and instead use a combination of compile time and runtime checks to protect against memory errors, the NSA said.

**The Case for Memory-Safe Languages**

The NSA's somewhat unusual advisory on Nov. 10 pointed to widely used languages such as C and C++ as relying too heavily on programmers not to make memory-related mistakes, which it noted continues to be the top cause for security vulnerabilities in software. Previous studies — one by Microsoft in 2019 and another from Google in 2020 related to its Chrome browser, for instance — found 70% of vulnerabilities were memory-safety issues, the NSA said.

"Commonly used languages, such as C and C++, provide a lot of freedom and flexibility in memory management while relying heavily on the programmer to perform the needed checks on memory references," the NSA said. This often results in exploitable vulnerabilities tied to simple mistakes such as buffer overflow errors, memory allocation issues, and race conditions.

C#, Go, Java, Ruby, Rust, Swift, and other memory-safe languages do not completely eliminate the risk of these issues, the NSA said in its advisory. Most of them, for instance, include at least a few classes or functions that aren't memory-safe and allow the programmer to perform a potentially unsafe memory management function. Memory-safe languages can sometimes also include libraries written in languages that contain potentially unsafe memory functions.

But even with these caveats, memory-safe languages can help reduce vulnerabilities in software resulting from poor and careless memory management, the NSA said.

Tim Mackey, principal security strategist at Synopsys Cybersecurity Research Center, welcomes the NSA's recommendation. The use of memory-safe languages should, in fact, be the default for most applications, he says.

"For practical purposes, relying on developers to focus on memory management issues instead of programming cool, new features represents a tax on innovation," he says.

With memory-safe programming languages and associated frameworks, it is the authors of the language that ensure proper memory management and not the application developers, Mackey says.

**Shift Can Be Challenging**

Shifting a mature software development environment from one language to another can be hard, the NSA acknowledged. Programmers will need to learn the new language, and there are likely going to be newbie mistakes and efficiency hits during the process. The extent of memory security that is available can also vary significantly by language. Some might offer only minimal memory security, while others offer considerable protections around memory access, allocation, and management.

In addition, organizations will need to consider how much of a tradeoff they are willing to make between security and performance. "Memory safety can be costly in performance and flexibility," the NSA warned. "For languages with an extreme level of inherent protection, considerable work may be needed to simply get the program to compile due to the checks and protections."

Myriad variables are in play when trying to port an application from one language to another, says Mike Parkin, senior technical engineer at Vulcan Cyber.

"In a best-case scenario, the shift is simple and an organization can accomplish it relatively painlessly," Parkin says. "In others, the application relies on features that are trivial in the original language but require extensive and expensive development to re-create in the new one."

The use of memory-safe languages also doesn't replace the need for proper software testing, Mackey cautions. Just because a programming language is memory-safe doesn't mean the language or applications developed on it are free from bugs.

Moving from one programming language to another is a risky proposition unless you have staff that already understands both the old language and the new one, Mackey says.

"Such a migration is best done when the application is going through a major version update," he notes. "Otherwise there is the potential that inadvertent bugs are introduced as part of the migration effort."

Mackey suggests that organizations consider using microservices when it comes to shifting languages.

"With a microservices architecture, the application is decomposed into a set of services that are containerized," Mackey says. "From the perspective of a programming language, there is nothing that inherently requires that each microservice be programmed in the same programming language as other services within the same application."

**Making the Move**

Recent data from Statista shows that many developers are already using languages that are considered memory-safe. For instance, nearly two-thirds (65.6%) use JavaScript, nearly half (48.06%) use Python, one-third use Java, and nearly 28% use C#. At the same time, a substantial proportion are still using unsafe languages, such as C++ (22.5%) and C (19.25%).

"I think many organizations have already been switching away from C/C++ not only for the memory-safety issue, but also for the overall ease of development and maintenance," says Johannes Ullrich, dean of research at the SANS Technology Institute. "But there will still be legacy code bases that will have to be maintained for many years to come."

NSA's advisory offered little insight into what might have prompted its recommendation at this juncture. But John Bambenek, principal threat hunter at Netenrich, advises organizations not to ignore it.

"Memory vulnerabilities and attacks have been pervasive since the 1990s, so in general, this is good advice," he says. "With that being said, as this is coming from the NSA, I believe this advice should take added urgency and is being driven by knowledge they have and we don't."

Analysts Welcome NSA's Advice for Developers to Adopt Memory-Safe Languages

Mediatrix 4102 before v48.5.2718 allows local attackers to gain root access via the UART port.

DGW Application 48.5.2718

*   Summary
*   Security changes

**Summary**

ID

Synopsis

DGW-14973

SIP: Support additional DHE ciphers

DGW-15007

User passwords are now securely hashed

DGW-15338

OWASP: Disable access to internal UART

DGW-15442

CVE-2022-0778: Possible Denial of Service (DoS) from purposedly crafted TLS certificate

**Security changes  
**

**DGW-15442 - CVE-2022-0778: Possible Denial of Service (DoS) from purposedly crafted TLS certificate**

An important security flaw was found in the OpenSSL library affecting DGW version 48.4 and below. If exploited successfully, this vulnerability could cause the unit to reboot unexpectedly.

The CVE-2022-0778 has been addressed by upgrading the OpenSSL library to version 1.1.1n.

**DGW-15338 - OWASP: Disable access to internal UART**

Follow OWASP IoT Verification Requirement C.1:Verify that application layer debugging interfaces such USB, UART, and other serial variants are disabled or protected by a complex password.

**DGW-15007 - User passwords are now securely hashed**

User passwords are no longer saved in clear text, but instead saved in a cryptographically secure way, using the PBKDF2-HMAC-SHA256 hash algorithm.

Previously, when exporting a backup or configuration script, the passwords could be read in clear-text. Now, only the hashed passwords are visible.

A user cannot retrieve a forgotten password anymore, since it is impossible to reverse a hashed password into a clear-text password. In case all passwords are forgotten, a partial reset or factory reset can be done to restore to the factory initial passwords.

**DGW-14973 - SIP: Support additional DHE ciphers**

The SipEp service now supports the following DHE ciphers when using SIP over TLS:

*   TLS\_DHE\_RSA\_WITH\_AES\_128\_CBC\_SHA256
*   TLS\_DHE\_RSA\_WITH\_AES\_128\_GCM\_SHA256
*   TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA256
*   TLS\_DHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384

**Copyright Notice**

Copyright 2022 Media5 Corporation.

This document contains information that is proprietary to Media5 Corporation.

Media5 Corporation reserves all rights to this document as well as to the Intellectual Property of the document and the technology and know-how that it includes and represents.

This publication cannot be reproduced, neither in whole nor in part, in any form whatsoever, without written prior approval by Media5 Corporation.

Media5 Corporation reserves the right to revise this publication and make changes at any time and without the obligation to notify any person and/or entity of such revisions and/or changes.

www.media5corp.com

CVE-2022-43096: DGW Security Improvement Notes v48.5.2718 - Mediatrix

By Owais Sultan
The online world has never been risk-free and in 2022 the risks posed by cybercriminals are a threat…
This is a post from HackRead.com Read the original post: 3 Simple Yet Vital Tips to Stay Safe Online

The online world has never been risk-free and in 2022 the risks posed by cybercriminals are a threat to all internet users. As scams and phishing methods become more complex there is a greater need for the individual to adopt a range of best practices to protect their personal information. 

Cybercriminals can target both individuals and businesses using a wide range of methods: malware can be activated by clicking on malicious links; personal details can be harvested simply by visiting unsecure sites. 

Whether you like to surf the internet for fun and recreation, use it as a platform for online trading, or buy a range of products and services, staying safe online should always be a priority. It is a sobering fact that thousands of pieces of malware are created every day. 

Stay safer online by following these three top tips.

**Be vigilant when trading **

Millions of people around the world now regularly trade online and increasingly that trade is in cryptocurrencies such as Bitcoin. With a wide range of cryptocurrencies now available, it is more important than ever to check that the site you trade on is secure. 

As a rule, you should only trade on sites that feature the padlock icon in their web address, such as can be seen at OKX. This padlock icon proves that the site is secure and uses SSL encryption to ensure that any financial or personal information is transmitted safely. 

It is also good practice to look at reviews from trading platforms. Customer experiences of using these sites can be a valuable source of information on the security of a platform. When trading online or undertaking any type of internet purchasing activity, it is also important to remember not to use unsecured networks.

Surfing in coffee shops and shopping malls can be an attractive proposition but should be avoided whenever any transactions are taking place; otherwise, a cybercriminal could easily pose as a contact from a website you have visited – leaving you open to phishing attacks in the future.

**Use strong passwords**

Whilst most people realize the value of having strong passwords across all the sites they use, it is still surprising how many people do not adhere to this best practice. Many consumers use the same passwords across numerous platforms and sites or use exceptionally weak passwords that can be cracked with a minimum amount of effort. 

Today, search engines can suggest strong passwords and store them securely. This method can make consumers safer online whilst also freeing the need to memorize complex passwords. Put simply, if you use weak or repetitive passwords across sites, you are making it easy for a cybercriminal to harvest your personal details or hack your accounts. 

**Stay up to date**

Another common practice that tends to be overlooked by millions of web visitors is to keep applications and devices up to date with the latest firmware. It is vitally important to check for system and firmware updates on a regular basis. Whilst many updates offer stability improvements or bug fixes, they often contain the latest security updates that keep devices and applications more secure. 

Running software or operating systems that do not have the latest patches leaves them far more vulnerable to attack, so make a point of checking for updates across your devices on a regular basis to ensure that you benefit from the latest security features. 

In summary, follow the above advice to avoid falling victim to one (or more) of the 300,000 pieces of malware that are created every day.

1.  5 Online Fraud Fighting Tips for Novices
2.  Simple Tips to Protect Yourself From Being Catfished
3.  Simple Yet Vital Crypto Security Tips for Beginners and Pros
4.  How to protect your privacy on a smartphone: 12 tips & tricks

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

3 Simple Yet Vital Tips to Stay Safe Online

OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).

Title: Local Discovery Server (LDS) Description:

The Local Discovery Server (LDS) provides the necessary infrastructure to publicly expose the OPC UA Servers available on a given computer.

This download includes:

*   Windows based executable written in portable ANSI C
*   Revision history

Documentation can be found here.

**License**: OPC Redistributable Agreement of Use

*   Support
*   Roadmap
*   Tracking

**OPC Foundation membership** fees are used by the OPC Foundation for the continuous improvement of this application, which includes bug-fixes to the application and the Stack it uses, and adding new features as required by the continuous advancement of the OPC Specifications.

**Sample code/ Reference Implementations** are provided to OPC Foundation Members as-is for the primary purpose of demonstration and educational purposes. OPC Foundation Members may use the OPC Foundation deliverables for their Product development. (Members are not permitted to distribute OPC Foundation Source code (see OPC Foundation license agreement)

**Technical support** is provided in the form of sample code and synopsis documentation. The OPC Foundation will soon have a forum where the OPC Foundation members and community provide “support” for the advancement and adoption of OPC technology.

**Found a bug?** Please report any bugs to our Mantis system. Click the "Tracking" tab for a list of current work items. We welcome your bug-fixes and kindly ask you to submit them via Mantis.

**Have a Suggestion / Request for enhancement / New Features?** Please Join an OPC Foundation Member Working Group (details may be found here). You may also submit requests to the OPC Foundation email address of. All suggestions become the property of the OPC Foundation.

*   Linux version
*   Bug-fixes and enhancements as needed.

Access: Registered User

*   Downloads
*   Archives

Version

Status

Description

Date Posted  
(YYYY-MM-DD)

Download

1.04.405

Release

OPC UA Local Discovery Server MergeModule (ZIP/EXE)

2022-11-08

Icon

1.04.405

Release

OPC UA Local Discovery Server Installer (ZIP/EXE)

2022-11-08

Icon

Version

Status

Description

Date Posted  
(YYYY-MM-DD)

Download

1.04.403.476

Release

OPC UA Local Discovery Server Installer (ZIP/EXE)

2022-03-18

Icon

1.04.403.476

Release

OPC UA Local Discovery Server MergeModule (ZIP/EXE)

2022-03-18

Icon

1.03.401

Release

OPC UA Local Discovery Server (EXE/ZIP)

2019-06-18

Icon

1.03.401

Release

OPC UA Local Discovery Server MergeModule (MSM/ZIP)

2019-06-18

Icon

1.03.400

Release

OPC UA Local Discovery Server (MSI/ZIP)

2018-08-09

Icon

1.03.400

Release

OPC UA Local Discovery Server MergeModule (MSM/ZIP)

2018-08-09

Icon

Version 1.3, February 06, 2017, OPC Foundation

The terms and conditions of the Agreement apply to the Software Deliverables including without limitation any OPC Foundation:

*   updates,
*   supplements
*   Internet-based services, and
*   support services

for the Software Deliverables, unless OPC Foundation specifies that any other terms accompany such items, in which case the alternate terms specified by OPC Foundation would apply.

**BY USING THE SOURCE DELIVERABLES, YOU ACCEPT THE TERMS OF THIS AGREEMENT. IF YOU DO NOT ACCEPT THE TERMS OF THIS AGREEMENT, DO NOT USE THE SOFTWARE DELIVERABLES.**

If you comply with this Agreement, you have the rights below.

**1\. INSTALLATION AND USE RIGHTS.**

.  
You may install and use any number of copies of the Software Deliverables.

**2\. ADDITIONAL LICENSING REQUIREMENTS AND/OR USE RIGHTS.**

.  
Distributable Code. The Software Deliverables contain compiled code that you are permitted to distribute with programs you develop if you comply with the terms below.

1.  Right to Use and Distribute.

*   You may copy and distribute all files that are part of this Software Deliverables.
*   Third Party Distribution. You may permit distributors of your programs to copy and distribute the Software Deliverables as part of those programs.

3.  Distribution Requirements. For any Software Deliverables you distribute, you must:
4.  add significant primary functionality to it in your programs;
5.  require distributors and external end users to agree to terms that protect it at least as much as this Agreement;
6.  display your valid copyright notice on your programs; and
7.  indemnify, defend, and hold harmless the OPC Foundation from any claims, including attorneys’ fees, related to the distribution or use of your programs.
8.  Distribution Restrictions. You may not:

*   alter any copyright, trademark or patent notice in the Software Deliverables;
*   use the OPC Foundation’s trademarks in your programs’ names or in a way that suggests your programs come from or are endorsed by the OPC Foundation;
*   include Software Deliverables in malicious, deceptive or unlawful programs;
*   modify or distribute the source code of any Software Deliverables so that any part of it becomes subject to an Excluded License. An Excluded License is one that requires, as a condition of use, modification or distribution, that (1). the code be disclosed or distributed in source code form; or (2) permit or otherwise allow others to have the right to modify such Software Deliverables; or
*   create additional software components that directly link or directly load the Software Deliverables without accepting the corresponding source license for that Software Deliverable.

**3\. SCOPE OF LICENSE.**

The Software Deliverables are licensed, not sold. This Agreement only gives you some rights to use the Software Deliverables. The OPC Foundation reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this Agreement. In doing so, you must comply with any technical limitations in the Software Deliverables that only allow you to use it in certain ways. You may not:

*   disclose the results of any benchmark tests of the Software Deliverables to any third party without OPC Foundation’s prior written approval;
*   work around any technical limitations in the Software Deliverables;
*   reverse engineer, decompile or disassemble the Software Deliverables, except and only to the extent that applicable law expressly permits, despite this limitation;
*   make more copies of the Software Deliverables than specified in this Agreement or allowed by applicable law, despite this limitation;
*   publish the Software Deliverables for others to copy; or
*   rent, lease or lend the Software Deliverables.

**4\. BACKUP COPY.**

You may make one backup copy of the Software Deliverables. You may use such copy only to reinstall the Software.

**5\. DOCUMENTATION.**

Any person that has valid access to your computer or internal network may copy and use the documentation related to the Software Deliverables for your internal reference purposes.

**6\. EXPORT RESTRICTIONS.**

The Software Deliverables are subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the Software Deliverables. These laws include restrictions on destinations, end users and end use.

**7\. SUPPORT SERVICES.**

Because you accept the Software3 Deliverables from OPC Foundation “as is,” OPC Foundation may not provide support services for it.

**8\. ENTIRE AGREEMENT.**

This Agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire Agreement for the Software Deliverables and support services.

**10\. LEGAL EFFECT**

This Agreement describes certain legal rights. You may have other rights under the laws of your country. This Agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.

**11\. DISCLAIMER OF WARRANTY.**

THE SOFTWARE DELIVERABLES ARE LICENSED “AS-IS.” YOU BEAR THE RISK OF USING THE SPECIFICATIONS. THE OPC FOUNDATION MAKES NO WARRANTY OF ANY KIND, EXPRESSED OR IMPLIED, WITH REGARD TO THE SOFTWARE DELIVERABLES, INCLUDING BUT NOT LIMITED TO ANY WARRANTY OF TITLE OR OWNERSHIP, IMPLIED WARRANTY OF MERCHANTABILITY, OR WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE OR USE.YOU MAY HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS THAT THIS AGREEMENT CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, THE OPC FOUNDATION EXCLUDES THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.  
IN NO EVENT SHALL THE OPC FOUNDATION BE LIABLE FOR ERRORS CONTAINED IN THE SOURCE DELIVERABLES OR FOR DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, RELIANCE OR COVER DAMAGES, INCLUDING LOSS OF PROFITS, REVENUE, DATA, OR USE, INCURRED BY ANY USER OR ANY THIRD PARTY IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THE SOFTWARE DELIVERABLES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE USING THE SOFTWARE DELIVERABLES IS BORNE BY YOU AND/OR THE USER.

CVE-2022-44725: Unified Architecture - OPC Foundation

By Waqas
The most prominent CMS today is WordPress which is being used by over 455 million across the globe.
This is a post from HackRead.com Read the original post: Step-by-Step Security Guide for WordPress

As the internet becomes increasingly integral to daily life, website security is more important than ever. Hackers can gain access to sensitive information, like credit card numbers and social security numbers, through websites with weak security. This can lead to identity theft and financial fraud.

Your website’s CMS (content management system) works as the backbone of your entire setup. The most prominent CMS today is WordPress which is being used by over 455 million across the globe. Naturally, WordPress is a lucrative target for cybercriminals and highlights the fact why WordPress security should never be ignored.

WordPress or another other CMS, while 100% security may be a myth, there are a few things you can do to ensure your website is secure from external and internal threats.

**Secure Hosting**

A website is a powerful tool that can help businesses of all sizes reach new customers and grow. However, a website is only as secure as the hosting provider that it uses. That’s why it’s important to choose a secure website hosting provider when setting up your website. Here are two things to look for in a secure website hosting provider:

**1. Industry-Leading Security Measures:** A good web hosting provider will have industry-leading security measures in place to protect your website from hackers and other online threats. This includes things like firewalls, DDoS protection, and malware scanning.

**2. Regular Backups:** In the event that your website is hacked or compromised, regular backups will ensure that you can quickly restore your site to its previous state. A good web hosting provider will perform regular backups of your site automatically.

**Strengthening Login Credentials**

According to studies, around 8 percent of hacked WordPress websites are due to weak passwords. However, as the largest self-hosted blogging tool in the world, WordPress has a responsibility to its users to keep their information safe. One way it does this is by natively offering two-factor authentication (2FA).

Two-factor authentication is an extra layer of security that requires not only a username and password but also something that the user has on them, like a phone. This makes it much harder for someone to hack into a WordPress account, even if they have the login credentials.

WordPress offers 2FA through several different methods, including SMS text messages, email, and authenticator apps. Which method you choose is up to you, but we recommend using an authenticator app like Authy or Google Authenticator.

**Updated Plugins**

The reason why WordPress powers millions of websites and blogs is its user-friendliness and free plugins. Although WordPress is good at adding new features and constantly issues security patches, zero-day vulnerabilities can be a calamity.

Therefore, always keep your plugins up to date because newer versions of plugins often fix security vulnerabilities that older versions had. Outdated plugins can cause compatibility issues with other plugins or with WordPress itself.

Additionally, newer versions of plugins usually have new features and improvements that can make your site run better. So next time you see a plugin update available, don’t ignore it – go ahead and update!

**Hiding WordPress Login URL**

There are a few reasons webmasters might want to change the default WordPress login URL. By doing so, you can help keep your site more secure from hackers and bots who try to gain access by brute force. Additionally, it can also deter casual users from trying to snoop around areas of your site they shouldn’t be.

If you’re running a membership site or online community, you may also want to change the login URL to something more branded and memorable for your users. By making it easy for them to find and login, you can reduce frustration and increase adoption.

Whatever your reason for wanting to change the WordPress login URL, it’s actually quite easy to do. There are a few different methods you can use, including plugins and editing code directly.

**Login Limit Plugin**

As a website owner, it’s important to make sure that your site is secure. One way to do this is by using a WordPress login limit plugin. This type of plugin will help to protect your site by limiting the number of failed login attempts.

There are many benefits of using a WordPress login limit plugin. By limiting the number of failed login attempts, you can help to prevent hackers from gaining access to your site. Additionally, this plugin can also help to improve the security of your password.

If you’re looking for a way to improve the security of your website, then we recommend that you consider using a WordPress login limit plugin.

**Security Plugins**

Using a security plugin is a must. There are many security plugins available for WordPress, but not all of them are created equal. Do some research and find a plugin that suits your needs. (We recommend looking into Wordfence or Sucuri.)

Once you’ve found a plugin, install it and activate it. Follow the instructions on the plugin’s settings page to configure it properly.

Most security plugins will offer features like blocking IP addresses, two-factor authentication, malware scanning, and more. Choose the features that are most important to you and make sure they’re enabled.

Keep your security plugin up to date by installing new versions when they’re released.

**Sharing Admin Access**

If you’re planning on giving someone else access to your WordPress admin panel, there are a few security precautions you should take first.

For starters, be sure to create a separate user account for the person to whom you’re granting access. That way, if their account is ever compromised, your main admin account will remain safe.

Next, be sure to set strong passwords for both your main admin account and the new user account. Use a combination of letters, numbers, and symbols to make it as difficult as possible for hackers to guess.

**Take Away**

Malicious actors are continuously coming up with new ways to use a company’s online presence against them, while cyber security specialists are always coming up with new ways to resist them.

This is the never-ending cycle of cybersecurity, and we’re all trapped in its center. Your WordPress site is just like any other website on the internet when it comes to cyber-attacks. However, by following the above-recommended tips and hacks, you can secure your WordPress website from cyber criminals or at least reduce the risk of being attacked. 

1.  What is WooCommerce, and Why You Should Care
2.  Tips for Using Uploader Widgets on WordPress Blogs
3.  5 WordPress Security Solutions with Free SSL Certificates
4.  Flaws in 2 famous WordPress plugins put millions of sites at risk
5.  WordPress GDPR Compliance plugin hacked to spread backdoor

Step-by-Step Security Guide for WordPress

Unified data layer enables continuous platform updates.

**Santa Clara, CA, November 17, 2022 —** Revelstoke, the next-level Security Orchestration Automation and Response (SOAR) platform, today announces several new product upgrades to include sub-workflow, case management, and indicators of compromise (IOC) automation.

Revelstoke offers Chief Information Security Officers (CISOs) and security analysts the only SOAR solution built on a unified data layer (UDL). Revelstoke automates analysis, eliminates software development needs, optimizes workflows, prevents vendor lock, scales processes, and quickly and effectively allows analysts to get to the root of incidents.

New Revelstoke capabilities include:

**Sub-Workflow Replication**

Sub-workflows allow analysts to create a repeatable process that can be reused across multiple workflows. For example, if there is a common account lockdown procedure across numerous account types, a sub-workflow allows this functionality to be created once and used in multiple locations. Revelstoke users can containerize reusable objects, saving time and allowing analysts to focus more on mission-critical issues and threats.

Without an automated sub-workflow, analysts must build a workflow every time they repeat a task manually, and organizations cannot create and manage repeatable processes across the board.

**Case Management Console**

The new Case Management console builds on Revelstoke’s unique case management offerings. The console allows at-a-glance access to all active cases, including functional quick search, pagination, and sorting. Analysts can now view data simply instead of searching through pages and pages of case number listings. In addition, analysts get single-view access to the status of cases to determine those which need attention and those that are remedied.

**IOC Database Initiation**

Revelstoke now allows analysts to search the entire UDL data store for common entities between cases and incidents. As alerts flow into cases, analysts can discover cases that are similar or have similar indicators. This represents the first step toward a robust IOC database, allowing SOC analysts to search across cases for common IOCs and build correlations.

“The capabilities of Revelstoke’s unique UDL powers a platform that can be upgraded and augmented to meet the evolving needs of Security Operations Centers,” said Josh McCarthy, Revelstoke Co-Founder, and Chief Product Officer. “We continually focus on ensuring that our customers have access to SOAR automation capabilities not offered by any other platform.”

Additional user interface capabilities include:

· Streamlined Dashboard

*   Consolidated Workflow Interface
*   Integration Management Console

· New User Preferences including Light and Dark Mode

**Multi-Tenancy**

Multi-tenancy allows for Managed Security Service Providers (MSSPs), Managed, Detection and Responders (MDRs), and large multi-national enterprise customers to segregate, but still centrally manage individual customers or business units from one "parent" account. This allows the parent to push down workflows to all the other tenants as well as offer a birds-eye view of the entire environment while allowing the individual “child tenants” to manage their own environments and not see each other's data. This is made even more powerful by the UDL which pushes down workflows from the parent to seamlessly adapt to any technology stack.

For more details on platform enhancements, please visit: https://www.revelstoke.io/resource/revelstoke-interface-v2-features-updates-and-improvements/

**About Revelstoke**

Revelstoke is the only next-generation Security Orchestration, Automation, and Response (SOAR) solution built on a Unified Data Layer that offers no-code automation and low-code customization. Revelstoke empowers CISOs and security analysts to automate analysis, eliminate software development needs, optimize workflows, prevent vendor lock, scale processes, and secure the enterprise. For more information, get on board at Revelstoke.io.

Revelstoke Upgrades SOAR Platform With Augmented Automation, Case Management, and User Interface Capabilities

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

**Botan C++ Crypto Algorithms Library 2.19.3**

Posted Nov 17, 2022

Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Added support for Kyber post-quantum KEM. Support for TLS 1.0, TLS 1.1, and DTLS 1.0 have been removed. Remove many deprecated headers. Many headers which were previously marked as becoming internal in 2.x have now been made internal. Removed several deprecated algorithms including CAST-256, MISTY1, Kasumi, DESX, XTEA, PBKDF1, MCEIES, CBC-MAC and Tiger. A few dozen other updates are also in the release notes.

tags | library

advisories | CVE-2021-24115

SHA-256 | dae047f399c5a47f087db5d3d9d9e8f11ae4985d14c928d71da1aff801802d55

Download | Favorite | View

Botan C++ Crypto Algorithms Library 2.19.3

Red Hat Security Advisory 2022-8506-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include code execution, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.

Red Hat Security Advisory 2022-8506-01

A China-based financially motivated group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019.
The threat actor, dubbed Fangxiao by Cyjax, is said to have registered over 42,000 imposter domains, with initial activity observed in 2017.
"It targets businesses in multiple verticals including retail, banking,

A China-based financially motivated group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019.

The threat actor, dubbed **Fangxiao** by Cyjax, is said to have registered over 42,000 imposter domains, with initial activity observed in 2017.

"It targets businesses in multiple verticals including retail, banking, travel, and energy," researchers Emily Dennison and Alana Witten said. "Promised financial or physical incentives are used to trick victims into further spreading the campaign via WhatsApp."

Users clicking on a link sent through the messaging app are directed to an actor-controlled site, which, in turn, sends them to a landing domain impersonating a well-known brand, from where the victims are once again taken to sites distributing fraudulent apps and bogus rewards.

These sites prompt the visitors to complete a survey to claim cash prizes, in exchange for which they are asked to forward the message to five groups or 20 friends. The final redirect, however, hinges on the IP address of the victim and the browser's User-Agent string.

More than 400 organizations, including Emirates, Shopee, Unilever, Indomie, Coca-Cola, McDonald's, and Knorr, are being imitated as part of the criminal scheme, the researchers said.

Alternatively, attacks wherein scammy mobile ads are clicked from an Android device have been observed to culminate in the deployment of a mobile trojan called Triada, which was recently spotted propagating via fake WhatsApp apps.

It's not just Triada, as another destination of the campaign is the Google Play Store listing of an app called "App Booster Lite - RAM Booster" (com.app.booster.lite.phonecleaner.batterysaver.cleanmaster), which has over 10 million downloads.

The app, made by a Czechia-based developer known as LocoMind, is described as a "Powerful Phone Booster," "Smart Junk Cleaner," and an "Effective Battery Saver."

Reviews for the app have called out the publisher for showing too many ads, and even point out that they "Arrived here \[the Play Store page\] from one of those 'your android is damaged x%' ads."

"Our app can't spread viruses," LocoMind responded to the review on October 31, 2022. "Each of our updates is checked by Google Play – they would have removed our app long ago for this reason."

Should the same action be performed from a device running iOS, the victim is redirected to Amazon via an affiliate link, netting the actor a commission for every purchase on the e-commerce platform made during the next 24 hours.

The threat actor's China connections stem from the presence of Mandarin text in a web service associated with aaPanel, a Python-based open source control panel for hosting multiple websites.

Further analysis of the TLS certificates issued to the survey domains in 2021 and 2022 reveals that a bulk of the registrations overlap with the UTC+08:00 time zone, which corresponds to China Standard Time from 9:00 a.m. to 11:00 p.m.

"The operators are experienced in running these kinds of imposter campaigns, willing to be dynamic to achieve their objectives, and technically and logistically capable of scaling to expand their business," the researchers said.

"The Fangxiao campaigns are effective lead generation methods which have been redirected to various domains, from malware, to referral links, to ads and adware."

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#ssl