Category Archives: Security

Petya Ransomware Attack 6/27/2017

There is a nasty ransomware virus that exploits vulnerabilities in Microsoft Windows and Office that is spreading rapidly worldwide.  Once one computer on a LAN/WLAN is infected the virus can spread to other computers over the ethernet or WiFi. What you can do:  apply all of the latest Microsoft updates now. More information:  WordFence Blog … Read More »

Worldwide ransomware attack 5/12/2017

On May 12, 2017, hackers exploiting a vulnerability in Microsoft Windows have attacked a large number of PCs worldwide, including hospitals in the UK and elsewhere and have infected vulnerable PCs with “ransomware” demanding payment in order to unlock the infected computer.  The malware propagates by tricking email recipients into clicking on infected attachments.  Once… Read More »

WordPress 4.2.1 Critical Security Release

WordPress 4.2.1 Security Release WordPress 4.2.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately. April 27, 2015 the WordPress team was made aware of a cross-site scripting vulnerability, which could enable commenters to compromise a site. If your web site… Read More »

ISIL Defacements Exploiting WordPress Vulnerablities – update now

The FBI has warned that ISIL is exploiting vulnerabilities in WordPress sites running out-of-date versions of WordPress or old versions of certain plugins or themes to deface the sites. The FBI’s statement:  http://www.ic3.gov/media/2015/150407-1.aspx Sucuri’s writeup with mention of specific plugins to check:  http://blog.sucuri.net/2015/04/fbi-public-service-annoucement-defacements-exploiting-wordpress-vulnerabilities.html The current version of WordPress (as of 4/8/2015) is 4.1.1.  If you… Read More »

Don’t let your email account get hijacked – tips

Email accounts are prime targets for spammers, who can no longer send spam directly from malware-infected computers because of improved spam filtering and steps that major providers like Verizon/Comcast/Cox have taken.  If a spammer can hijack an email account, he’ll be able to send spam at high speed from a legitimate account until he gets… Read More »

eBay passwords compromised

According to Ars Technica, encrypted eBay passwords and other information have been stolen by cyberattackers.  If you have an eBay account, change your password ASAP.  If your eBay password is one you’ve used on other services, including your accounts with HIS, change those passwords too, and don’t use the same password on more than one… Read More »

Resolved: spam.his.com backlog 5/19/2014

Starting at 6:30 AM on Monday, 5/19/2014, multiple servers were hit with a high-volume spam flood from a Russian botnet that had hijacked user email accounts.  The volume was so high that spam.his.com, which filters both incoming and outgoing mail, became backlogged and mail delivery became very slow.  We identified the problem shortly after 7 AM and… Read More »