Author: DEFENDEDGE
-
Pulse Secure VPNs Get Quick Fix for Critical RCE
One of the workaround XML files automatically deactivates protection from an earlier workaround: a potential path to older vulnerabilities being opened again. Read more
-
Restaurant Reservation System Patches Easy-to-Exploit XSS Bug
A WordPress reservation plugin has a vulnerability that allows unauthenticated hackers to access reservation data stored by site owners. Read more
-
Vulnerability Summary for the Week of May 17, 2021
Original release date: May 24, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info cars-seller-auto-classifieds-script_project — cars-seller-auto-classifieds-script The request_list_request AJAX call of the Car Seller – Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate or escape the order_id… Read more
-
WP Statistics Bug Allows Attackers to Lift Data from WordPress Sites
The plugin, installed on hundreds of thousands of sites, allows anyone to filch database info without having to be logged in. Read more
-
Four Android Bugs Being Exploited in the Wild
On Wednesday, Google quietly slipped updates into its May 3 Android security bulletin for bugs that its Project Zero group has confirmed are zero-days. Read more
-
DarkSide Ransomware Gang Extorted $90 Million from Several Victims in 9 Months
DarkSide Ransomware Gang Extorted $90 Million from Several Victims in 9 Months The hacker group behind the Colonial Pipeline ransomware attack, DarkSide that went in operation in August 2020, received $90 million in bitcoin payments after a 9 month ransomware spree. DarkSide is just one of the many groups that operated as a service provider… Read more
-
Apple Exec Calls Level of Mac Malware ‘Unacceptable’
Company is using threat of attacks as defense in case brought against it by Epic Games after Fortnite was booted from the App Store for trying to circumvent developer fees. Read more
-
Defending Against Ransomware
Defending Against Ransomware Ransomware is a rapidly growing threat affecting numerous private companies and government agencies. Ransomware can encrypt files on a device rendering them usable until a ransom is paid in exchange for its depiction. Any given attack could cost thousands to millions of dollars in loss of capabilities, recovering data, or repairing system… Read more
-
Update to CISA-FBI Joint Cybersecurity Advisory on DarkSide Ransomware
Original release date: May 19, 2021 CISA and the Federal Bureau of Investigation (FBI) have updated Joint Cybersecurity Advisory AA21-131A: DarkSide Ransomware: Best Practices for Preventing Disruption from Ransomware Attacks, originally released May 11, 2021. This update provides a downloadable STIX file of indicators of compromise (IOCs) to help network defenders find and mitigate activity… Read more
-
Can Nanotech Secure IoT Devices From the Inside-Out?
Work’s being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats. Read more