ATTENTION‼ New - CVE-2017-18598
via "National Vulnerability Database".
The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php.
ATTENTION‼ New - CVE-2017-18597
via "National Vulnerability Database".
The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter.
ATTENTION‼ New - CVE-2017-18596
via "National Vulnerability Database".
The elementor plugin before 1.8.0 for WordPress has incorrect access control for internal functions.
❌ U.S. Manufacturer Most Recent Target of LokiBot Malspam Campaign ❌
via "Threatpost".
A large U.S. manufacturing company is the latest organization to be targeted with the LokiBot trojan - although this most recent campaign harbored some bizarre red flags.
🕴 AI Is Everywhere, but Don't Ignore the Basics 🕴
via "Dark Reading".
Artificial intelligence is no substitute for common sense, and it works best in combination with conventional cybersecurity technology. Here are the basic requirements and best practices you need to know.
ATTENTION‼ New - CVE-2017-18611
via "National Vulnerability Database".
The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-field-css parameter.
ATTENTION‼ New - CVE-2017-18610
via "National Vulnerability Database".
The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-group-id parameter.
ATTENTION‼ New - CVE-2017-18609
via "National Vulnerability Database".
The magic-fields plugin before 1.7.2 for WordPress has XSS via the custom-write-panel-id parameter.
ATTENTION‼ New - CVE-2017-18608
via "National Vulnerability Database".
The spotim-comments plugin before 4.0.4 for WordPress has multiple XSS issues.
ATTENTION‼ New - CVE-2017-18607
via "National Vulnerability Database".
The avada theme before 5.1.5 for WordPress has CSRF.
ATTENTION‼ New - CVE-2017-18606
via "National Vulnerability Database".
The avada theme before 5.1.5 for WordPress has stored XSS.
ATTENTION‼ New - CVE-2017-18605
via "National Vulnerability Database".
The gravitate-qa-tracker plugin through 1.2.1 for WordPress has PHP Object Injection.
ATTENTION‼ New - CVE-2017-18604
via "National Vulnerability Database".
The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request.
ATTENTION‼ New - CVE-2017-18603
via "National Vulnerability Database".
The postman-smtp plugin through 2017-10-04 for WordPress has XSS via the wp-admin/tools.php?page=postman_email_log page parameter.
ATTENTION‼ New - CVE-2017-18602
via "National Vulnerability Database".
The examapp plugin 1.0 for WordPress has SQL injection via the wp-admin/admin.php?page=examapp_UserResult id parameter.
ATTENTION‼ New - CVE-2017-18601
via "National Vulnerability Database".
The examapp plugin 1.0 for WordPress has XSS via exam input text fields.
ATTENTION‼ New - CVE-2017-18600
via "National Vulnerability Database".
The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field.
🔐 Gartner proposes framework to manage regulations for our digital society 🔐
via "Security on TechRepublic".
The myriad rules and regulations that govern data protection and privacy need some type of framework to tie them together in our cyber society.
🕴 US Power Grid Cyberattack Due to Unpatched Firewall: NERC 🕴
via "Dark Reading".
A firewall vulnerability enabled attackers to repeatedly reboot the victim entity's firewalls, causing unexpected outages.
🕴 Data Is the New Copper 🕴
via "Dark Reading".
Data breaches fuel a complex cybercriminal ecosystem, similar to copper thefts after the financial crisis.
❌ Adobe Fixes Critical Flash Player Code Execution Flaws ❌
via "Threatpost".
Overall Adobe's September security update addressed vulnerabilities in Flash Player and Application Manager.