Latest News
Stay up to date with the latest posts and updates
Alerts
-
80K Retail WooCommerce Sites Exposed by Plugin XSS Bug
The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to inject malicious scripts.
4 min read
-
How Decryption of Network Traffic Can Improve Security
Most industry analyst firms conclude that between 80-90 percent of network traffic is encrypted today. Jeff Costlow, CISO at ExtraHop, explains why this might not be a good…
4 min read
-
CISA Adds Five Known Exploited Vulnerabilities to Catalog
Original release date: December 1, 2021 CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities…
4 min read
-
Lloyd’s Carves Out Cyber-Insurance Exclusions for State-Sponsored Attacks
The insurer won’t pay for ‘acts of cyber-war’ or nation-state retaliation attacks.
4 min read
-
IKEA Hit by Email Reply-Chain Cyberattack
IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads.
4 min read
-
Unpatched Windows Zero-Day Allows Privileged File Access
A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug.
4 min read
