Episode 249: Edwin Kwan: Vulnerable WordPress Plugin Results in Thousands of Sites Hacked; Ian Garrett: 5 Tips to Take Zero Trust from Buzzword to Implementation; Mark Miller: CISA and FBI: AvosLocker Ransomware (Update); Marcel Brown: This Day in Tech History

Free, ungated access to all 245+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.

The stories we’re covering today.

Marcel Brown: October 12th, 1988. Hailed by Steve Jobs as a computer five years ahead of its time, NeXT Incorporated introduces their NeXT computer. While not a significant commercial success, the NeXT computer and the technology developed for it have a long and storied history.

Edwin Kwan: Thousands of WordPress websites have been compromised by attackers exploiting a vulnerability in a popular plugin. A fixed version of the plugin has been released and users are urged to update to version 4.2 or later, immediately.

Ian Garrett: Does hearing the term "zero-trust" make you roll your eyes? More organizations are taking zero-trust from a buzzword to reality as the traditional castle-in-moat approach to security is becoming obsolete. Let's cover some practical recommendations for implementing a zero-trust cybersecurity framework.

 Mark Miller: AvosLocker, the Ransomware as a Service (RaaS) group, continues to get the attention of CISA and the FBI. Yesterday, October 11, the March 2023 joint advisory on AvosLocker was updated with the latest warnings.