Breaking the Endless Cycle of 'Perfect' Cybercrimes ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

tdsan,
User Rank: Ninja
6/30/2019 | 3:46:27 PM

Root cause of the problem

I think it is much easier than that:

The money divide between the have's and have not
People have been killed (drone strikes and war) and the individuals who want revenge
Nation-states have sent viruses and teams to spy on other nation-states (i.e. Stuxnet, Nitro-Zeus, Pegasys, NSA-TAO teams, China's Red-teams, Prism, Thinthread, Trailblazer, etc)
CONUS and Abroad Governments want to control and extend their reach

This is based on four historic things:

Revenge
Money/Greed
Spying/Warefare
Control

Once we identify the root-cause of the problem (Greed Money and Power) and address it from a morality standpoint (stop putting emphasis on the dollar and more on human life); the hacks and security concerns will be reduced to a thing of the past. Once people begin to see life as the most important currency and start treating each other with higher levels of respect then we will start to see the changes but until then, we will remain in a revolving cycle of turmoil.

Todd

Reply | Post Message | Messages List | Start a Board

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Black Hat Europe 2021 - November 8-11 - Learn More

SecTor - Canada's IT Security Conference Oct 30-Nov 4 - Learn More

@Hack - November 28-30, 2021 Saudi Arabia - Learn More

More Informa Tech Live Events

White Papers

Zero Trust and the Power of Isolation for Threat Prevention

Digital Transformation and Data Security

The Transition to Empowered Enterprise Authentication

2021 Cyberthreat Defense Report

360 Analytics for a Resilient SOC

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

Enterprise Cybersecurity Plans in a Post-Pandemic World

Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-24613
PUBLISHED: 2021-09-20

The Post Views Counter WordPress plugin before 1.3.5 does not sanitise or escape its Post Views Label settings, which could allow high privilege users to perform Cross-Site Scripting attacks in the frontend even when the unfiltered_html capability is disallowed

CVE-2021-24618
PUBLISHED: 2021-09-20

The Donate With QRCode WordPress plugin before 1.4.5 does not sanitise or escape its QRCode Image setting, which result into a Stored Cross-Site Scripting (XSS). Furthermore, the plugin also does not have any CSRF and capability checks in place when saving such setting, allowing any authenticated us...

CVE-2021-24635
PUBLISHED: 2021-09-20

The Visual Link Preview WordPress plugin before 2.2.3 does not enforce authorisation on several AJAX actions and has the CSRF nonce displayed for all authenticated users, allowing any authenticated user (such as subscriber) to call them and 1) Get and search through title and content of Draft post, ...

CVE-2021-24636
PUBLISHED: 2021-09-20

The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link

CVE-2021-24637
PUBLISHED: 2021-09-20

The Google Fonts Typography WordPress plugin before 3.0.3 does not escape and sanitise some of its block settings, allowing users with as role as low as Contributor to perform Stored Cross-Site Scripting attacks via blockType (combined with content), align, color, variant and fontID argument of a Gu...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]