Cyber Security Today: Important Drupal patches today, update FoxIt reader, cyber criminals like blockchain

Drupal will issue important security patches today, update your FoxIt PDF reader and why cyber criminals like blockchain.

We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Wednesday April 26th. 


Cyber Security Today on Amazon Alexa Subscribe to Cyber Security Today on Google Play Subscribe to Cyber Security Today on Apple Podcasts


Content management software such as WordPress and Drupal are behind many news Web sites you read. Today Drupal is scheduled to release security updates for several versions of its platform to combat a very critical vulnerability dubbed “Drupalgeddon2.” This is a follow-on to security updates issued only four weeks ago. In an advisory the Drupal Security Team urges administrators to test and install the updates as soon as possible.

Drupal is favoured by a number of organizations because it is open source. It’s now on version 8.5.

The first huge so-called Drupalgeddon was found in 2014. The latest problems allow remote attackers without special roles or permissions to take complete control of Drupal sites. Starting in early April, large scale automated attacks against vulnerable sites were seen. Last week a large number of attacks were reported against vulnerable sites. Today’s patches need to be taken seriously.

Speaking of patches, there’s a new one available for FoxIt, the free alternative to the popular Adobe Acrobat Reader for reading PDFs. Last week researchers with Cisco System’s threat intelligence service revealed five bugs that could be exploited by an attacker. To its credit, FoxIt quickly released fixes for these and a bunch of other problems it found. So those of you who use FoxIt and FoxIt Phantom, a PDF editor, should go to the FoxIt web suite and update. Make sure you are now using version 9.1.

Finally, every software vendor is trying to take advantage of blockchain, the technology that supports digital currencies like Bitcoin. Well, where industry goes criminals are quick to follow. FireEye reports that cyber criminals are using blockchains to host their malicious content. That’s because they can register blockchain domains – web sites that end in DOT-BIT or DOT-BAZAR, just like people can register a DOT COM domain. Only blockchain domains are anonymous. That makes it hard for police to shut them down. FireEye says usage of blockchain domains for malicious infrastructure will continue to gain popularity among cyber criminals worldwide.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. 

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast