Linked – WordPress hacks expose law firms’ cyber-disconnect – and, perhaps, client data

ByMike McBride February 20, 2017February 21, 2017 Reading Time: 2 minutes

The lesson, as always, don’t use WordPress or any other web-facing technology if you aren’t going to keep up to date with it.

“Earlier this month, users of the popular WordPress CMS were advised to upgrade to the latest version of the software to patch “an undisclosed critical vulnerability.” At the sound of that dogwhistle, hackers pounced, targeting the many sites whose users had not immediately pushed the update.

In the weeks since, some 1.5 million websites have been exposed and defaced, including what appear to be the sites of several hundred law firms — their marquees tagged prominently with the aliases of their attackers.”

I don’t mean to pick on WordPress necessarily in this post. WordPress actually handled things the way you would expect a software company to. They were notified of a security problem, and they patched it almost immediately. The problem is that many organizations didn’t get the patch applied in a very timely manner, and that is ultimately the problem. Law firms, especially but not exclusively, simply don’t have an infrastructure that can keep up with applying security patches. Even those that have a plan to deal with security generally have one period of time per month where they can take down systems to patch them. And that’s only after any updates have been tested in a non-production environment before being rolled out. In this case, that was far, far too slow.

That might work for some internal tools. It does not work for web-facing tools that can be accessed by hackers.

You need a better plan.

In fact, one of the biggest reasons I switched hosting providers was the ability to have my WordPress installs automatically updated when I was too busy to keep it updated myself. I’ve learned the hard way not to have un-patched versions of WordPress on my sites. There’s no reason for a law firm or other organizations to not do the same.

http://logikcull.com/blog/wordpress-hacks-expose-law-firms-cyber-disconnect-perhaps-client-data/

Follow these topics: Blogging, LawFirms, Links

Tech

Cellebrite and Law Enforcement Expect Us to Trust Them, Yet Their Tools Are on eBay?

ByMike McBride April 16, 2019April 17, 2019 Reading Time: 3 minutes

I’ve already talked on and on about how various governments expect to be able to require backdoors into encrypted data, including mobile devices. When it’s pointed out that any backdoor will eventually be used by hackers, the usual response from law enforcement is to “trust us” because they have some magic ability to prevent hackers…

Links

Reading – How to become an internal e-discovery expert

ByMike McBride October 10, 2015 Reading Time: 1 minute

Lots of links to quality eDiscovery resources in this post. Naturally, I wanted to make sure you all saw them! How to become an internal e-discovery expert Follow these topics: Links

Links

Linked – Four Ways Law Firms Are Using Technology For Exposure and Efficiency

ByMike McBride April 4, 2016April 3, 2016 Reading Time: 1 minute

This article is about lawyers and law firms, but honestly, the first two ways firms are using technology, social networks and blogs, apply to anyone who is seeking to stand out in their field. What better way to make a name for yourself that being an informational resource on social media and blogging about important…

Tech

Fake Antivirus Warnings

ByMike McBride March 18, 2009September 12, 2014 Reading Time: 1 minute

I’m sure many of you working in IT have seen Antivirus2009, or 2008 as the case may have been. It’s a fake antivirus app that gets installed as malware and does who knows what all to an infected PC. A few weeks ago I hit a site that was serving that junk in an add,…

Blogging | Links | SocialNetworking

Linked: CNN Shutting Down Its Facebook In Australia Shows How Removing 230 Will Silence Speech

ByMike McBride October 8, 2021October 18, 2021 Reading Time: 3 minutes

And this same song and dance will repeat for every single site on the internet until there’s very little left. The only companies with enough resources to actually do all the things that would be required to monitor all content, ironically, would be Google, Facebook, etc.

Gee, it’s almost like giving them a gift, eliminating ALL of the competition. It’s no wonder Facebook has been asking for regulation. They know the rest of us won’t be able to keep up.

Career | Links

Linked – 7 Typical Life Situations When You Will Need Public Speaking Skills

ByMike McBride October 27, 2016October 24, 2016 Reading Time: 2 minutes

“We all know the feeling—that moment when your heart races along a racetrack of nerves because you need to speak to the public. The audience, whether one dozen people or one thousand, can seem intimidating. Yet speeches, toasts, and other forms of public speaking can sign minds with memorable words. They allow us honor, persuade,…

Linked – WordPress hacks expose law firms’ cyber-disconnect – and, perhaps, client data

Like this:

Cellebrite and Law Enforcement Expect Us to Trust Them, Yet Their Tools Are on eBay?

Like this:

Reading – How to become an internal e-discovery expert

Like this:

Linked – Four Ways Law Firms Are Using Technology For Exposure and Efficiency

Like this:

Fake Antivirus Warnings

Like this:

Linked: CNN Shutting Down Its Facebook In Australia Shows How Removing 230 Will Silence Speech

Like this:

Linked – 7 Typical Life Situations When You Will Need Public Speaking Skills

Like this:

Leave a ReplyCancel reply

Follow Me!

Top Posts

Like this:

Similar Posts

Like this:

Like this:

Like this:

Like this:

Like this:

Like this:

Leave a ReplyCancel reply

Follow Me!

Top Posts