Cybersecurity Without Insanity? It could be as simple as 3 – 2 – 1…

This week: ChatGPT can do more than just your homework, a WordPress plugin vulnerability is a gift to cyber attackers, and a real-time view of security attacks.

 

[PS If you prefer to listen, I’m joined on this week’s episode of the ‘Cybersecurity Without Insanity’ podcast by guest Pádraig Mac Donnchadha, where we talk about (and around) this week’s topics. You can listen wherever you get your podcasts or at https://codeinmotion.ie/podcast/. Let me know what you think about the co-host approach.]

 

3 – ChatGPT could be a key security defence.

Not only can ChatGPT do your homework, it’s also pretty good at spotting phishing emails.

According to experiments recently performed by NTT Security, and recently mentioned by Cyber Rescue Alliance on LinkedIn, ChatGPT “can detect phishing sites with over 98% accuracy [with] an excellent ability to determine whether a domain name is legitimate and to identify social engineering techniques used in phishing sites [as well as identifying] whether the text displayed on the web page is psychologically manipulative.”

Key takeaway: It is clear that you will leverage the capabilities of AI in your security defences. (Unfortunately, it is also inevitable that the attackers will do the same.)

 

2 – Don’t forget about your website

A significant security vulnerability has been identified in UltimateMember (a popular WordPress plugin) enabling attackers to gain administrator access to websites that use the plugin.

As recently reported by Sophos Naked Security, the plugin developers say that Ultimate Member “makes it a breeze for users to sign-up and become members of your website.” Unfortunately, due to this security vulnerability which has not yet been fully addressed, it looks like attackers can sign-up and become all-powerful administrators of your WordPress website too.

Key takeaway: When you are checking your cyber security, don’t forget about the systems that your customers use (e.g. your website).

 

1 – Get a real-time view of cyber attacks

A live map showing cyber attacks across the globe in real-time has been launched by CheckPoint.

As reported in The Metro recently, the ‘Live Cyber Threat Map’ (which you can access here) “gives a startling picture of the digital frontline, where more than 850 assaults are launched against UK targets every week on average.”

Key takeaway: Is it wrong that I am mesmerised by the lovely red, purple, and yellow lines darting across the globe, even though each one is delivering its own small piece of pain to its chosen destination?