Cyber Security Today – Some CISO salaries are up, the LockBit gang is in trouble, and scammers are taking advantage of poorly secured WordPress sites


Welcome to Cyber Security Today. Today is Monday, August 22, 2022. I’m Howard Solomon, contributing cybersecurity reporter for ITWorldCanada.com.

Wages for information security managers in the United States continue to increase. According to the annual survey of CISOs conducted by executive search firm Heidrick and Struggles, the median cash compensation of US CISOs surveyed in the spring was US$584,000. That is an increase of 15% on last year and 23% on 2020. Median wages also increased by 4% in the UK. The survey also covered the salaries of CISOs in Germany. Note that more than two-thirds of respondents in all three countries worked for large companies that generated at least $5 billion in revenue. The survey also asked CISOs from more countries about organizational issues. Only eight percent of respondents report directly to the CEO. The rest report to the CIO, CTO or another senior manager. Eighty-eight percent said they also report to the full board or a committee of the board.

The LockBit ransomware gang began posting data over the weekend that it says was stolen from security firm Entrust in July. At least temporarily. On Sunday, it was reported that LockBit’s data leak site was offline. LockBit claims it’s because of a denial of service attack. Did Entrust hit back? Nobody knows. Entrust is a leading provider of identity verification solutions for payment cards, customers and employees. According to Security Week, Entrust admitted that threat actors had accessed human resources, financial and marketing information. Entrust says there is no evidence that the function or safety of its products was affected.

Hackers take advantage of poorly secured WordPress websites in several ways. According to Sucuri researchers, the latest is to pop fake Cloudflare denial of service warning messages on users’ screens. When the user clicks a prompt to download a verification code to access the site, malware is downloaded instead. How? An attacker breaks into the WordPress site and installs a JavaScript program that compromises the website. The lesson is that WordPress admins need to tighten security. First, make sure all software on the site is up to date. Second, anyone who can access a WordPress site should be required to use a strong password, backed by multi-factor authentication. Third, put your website behind a firewall. And fourth, regularly monitor your WordPress code for any compromises.
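The fourth step above, monitoring the site’s code for changes, can be automated with a hash baseline. The following is an added example, not code from the podcast or from Sucuri: it records SHA-256 hashes of the PHP, JavaScript and .htaccess files under a WordPress directory, then reports added, removed and modified files on the next run. The demo builds a constructed miniature site in a temporary directory and simulates an injected script so the comparison has something to find.

```python
"""Baseline-and-compare integrity check for a WordPress install tree (added example).

Run build_baseline() once on a known-clean site and store the result; run
compare_to_baseline() on a schedule and alert on any 'added' or 'modified' path.
"""
import hashlib
import json
import tempfile
from pathlib import Path

# Constructed choice of what to hash: the files an injected script usually lands in.
WATCHED_SUFFIXES = {".php", ".js"}


def _sha256(path: Path) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root: str) -> dict:
    """Map each watched file (relative POSIX path) to its SHA-256 hash."""
    root_path = Path(root)
    return {
        p.relative_to(root_path).as_posix(): _sha256(p)
        for p in root_path.rglob("*")
        if p.is_file() and (p.suffix in WATCHED_SUFFIXES or p.name == ".htaccess")
    }


def compare_to_baseline(root: str, baseline: dict) -> dict:
    """Report files that appeared, disappeared or changed since the baseline."""
    current = build_baseline(root)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(k for k in current if k in baseline and current[k] != baseline[k]),
    }


def demo() -> dict:
    """Constructed scenario: clean site, then a theme file is edited and a script dropped."""
    with tempfile.TemporaryDirectory() as tmp:
        site = Path(tmp)
        theme = site / "wp-content" / "themes" / "demo"
        theme.mkdir(parents=True)
        (theme / "footer.php").write_text("<?php wp_footer(); ?>")
        (site / "index.php").write_text("<?php require 'wp-blog-header.php';")
        baseline = build_baseline(str(site))
        # Simulated compromise (constructed): footer edited to load a new script file.
        (theme / "footer.php").write_text("<?php wp_footer(); ?><script src='/wp-content/x.js'></script>")
        (site / "wp-content" / "x.js").write_text("/* constructed placeholder */")
        return compare_to_baseline(str(site), baseline)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

On a real site, keep the stored baseline outside the web root so an attacker who edits the site cannot also rewrite the reference hashes.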

Companies in the hospitality and travel industries, including hotels, are warned that a criminal group is targeting them. The vast majority of phishing messages intended for companies targeted by this group are written in Portuguese or Spanish. However, some are written in English. This means that the number of American and Canadian targets could increase. Dubbed TA558 by Proofpoint researchers, this group recently began sending emails containing links to infected web pages or infected documents. Phishing messages may refer to a fake QuickBooks reservation or invoice. Data theft seems to be the motive. Employees in the hospitality and travel industries – in fact, all industries – should exercise caution when handling messages containing links and attachments. Better to ask for advice than to be a victim.

Finally, more malicious apps have been found in the Google Play Store. Bitdefender researchers recently discovered 35 bad apps. The job of most of them is to serve ads to victims. What is different about many of these apps is that after being installed on a device, they hide themselves. How? By renaming themselves and changing their icon, they make it harder for you to find and remove them. For example, an app called “GPS Location Maps” changes its label to “Settings”. Google tries to filter applications, and most apps in the Play Store are legitimate. But scammers sometimes slip past the defenses. So remember: don’t install apps you don’t really need; delete apps you no longer use; beware of apps with a large number of downloads but few or no reviews; and beware of apps that, after installation, ask for special permissions, such as access to accessibility controls.

That’s all for the moment. Remember that links to podcast story details are in the text version on ITWorldCanada.com. This is where you will also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I am Howard Solomon.
