Category: alerts
Category Added in a WPeMatico Campaign
-
Pulse Secure VPNs Get Quick Fix for Critical RCE
One of the workaround XML files automatically deactivates protection from an earlier workaround: a potential path to older vulnerabilities being opened again. Read more
-
Restaurant Reservation System Patches Easy-to-Exploit XSS Bug
A WordPress reservation plugin has a vulnerability that allows unauthenticated hackers to access reservation data stored by site owners. Read more
-
Vulnerability Summary for the Week of May 17, 2021
Original release date: May 24, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info cars-seller-auto-classifieds-script_project — cars-seller-auto-classifieds-script The request_list_request AJAX call of the Car Seller – Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate or escape the order_id… Read more
-
WP Statistics Bug Allows Attackers to Lift Data from WordPress Sites
The plugin, installed on hundreds of thousands of sites, allows anyone to filch database info without having to be logged in. Read more
-
Four Android Bugs Being Exploited in the Wild
On Wednesday, Google quietly slipped updates into its May 3 Android security bulletin for bugs that its Project Zero group has confirmed are zero-days. Read more
-
Apple Exec Calls Level of Mac Malware ‘Unacceptable’
Company is using threat of attacks as defense in case brought against it by Epic Games after Fortnite was booted from the App Store for trying to circumvent developer fees. Read more
-
Update to CISA-FBI Joint Cybersecurity Advisory on DarkSide Ransomware
Original release date: May 19, 2021 CISA and the Federal Bureau of Investigation (FBI) have updated Joint Cybersecurity Advisory AA21-131A: DarkSide Ransomware: Best Practices for Preventing Disruption from Ransomware Attacks, originally released May 11, 2021. This update provides a downloadable STIX file of indicators of compromise (IOCs) to help network defenders find and mitigate activity… Read more
-
Can Nanotech Secure IoT Devices From the Inside-Out?
Work’s being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats. Read more
-
Keksec Cybergang Debuts Simps Botnet for Gaming DDoS
The newly discovered malware infects IoT devices in tandem with the prolific Gafgyt botnet, using known security vulnerabilities. Read more
-
Windows PoC Exploit Released for Wormable RCE
The exploit pries open CVE-2021-31166, a bug with a CVSS score of 9.8 that was the baddest of the bad in Microsoft’s Patch Tuesday release last week. Read more