β Intel: SSH-stealing NetCAT bug not really a problem β
π Read
via "Naked Security".
There's another vulnerability in Intel chips, with another catchy name: NetCAT.π Read
via "Naked Security".
Naked Security
Intel: SSH-stealing NetCAT bug not really a problem
Thereβs another vulnerability in Intel chips, with another catchy name: NetCAT.
β North Korean Spear-Phishing Attack Targets U.S. Firms β
π Read
via "Threatpost".
Researchers warn that U.S. firms are being targeted with legitimate - but trojanized - documents that are often socially engineered to a tee.π Read
via "Threatpost".
Threat Post
North Korean Spear-Phishing Attack Targets U.S. Firms
Researchers warn that U.S. firms are being targeted with legitimate - but trojanized - documents that are often socially engineered to a tee.
β Just how private are your browsing habits? β
π Read
via "Naked Security".
DNS-over-HTTPS sounds as though it should be safer than plain DNS, because of the "HTTPS" part - but not everyone is delighted about it...π Read
via "Naked Security".
Naked Security
Just how private are your browsing habits?
DNS-over-HTTPS sounds as though it should be safer than plain DNS, because of the βHTTPSβ part β but not everyone is delighted about itβ¦
π΄ Taking a Fresh Look at Security Ops: 10 Tips π΄
π Read
via "Dark Reading: ".
Maybe you love your executive team, your security processes, tools, or strategy. Maybe you hate them. Whatever the situation, it's likely at some point that things will have changed.π Read
via "Dark Reading: ".
Dark Reading
Cyber Risk recent news | Dark Reading
Explore the latest news and expert commentary on Cyber Risk, brought to you by the editors of Dark Reading
ATENTIONβΌ New - CVE-2016-10955
π Read
via "National Vulnerability Database".
The cysteme-finder plugin before 1.4 for WordPress has unrestricted file upload because of incorrect session tracking.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10954
π Read
via "National Vulnerability Database".
The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10953
π Read
via "National Vulnerability Database".
The Headway theme before 3.8.9 for WordPress has XSS via the license key field.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10952
π Read
via "National Vulnerability Database".
The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10951
π Read
via "National Vulnerability Database".
The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10950
π Read
via "National Vulnerability Database".
The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10949
π Read
via "National Vulnerability Database".
The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10948
π Read
via "National Vulnerability Database".
The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10947
π Read
via "National Vulnerability Database".
The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10946
π Read
via "National Vulnerability Database".
The wp-d3 plugin before 2.4.1 for WordPress has CSRF.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10945
π Read
via "National Vulnerability Database".
The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10944
π Read
via "National Vulnerability Database".
The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10943
π Read
via "National Vulnerability Database".
The zx-csv-upload plugin 1 for WordPress has SQL injection via the id parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10942
π Read
via "National Vulnerability Database".
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter exploitable via CSRF.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10941
π Read
via "National Vulnerability Database".
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10940
π Read
via "National Vulnerability Database".
The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10939
π Read
via "National Vulnerability Database".
The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter.π Read
via "National Vulnerability Database".