Author Archives: Advisory Services

Electric Vehicle Charging Stations Open to IoT Attacks

Flaws could allow an attacker to stop or start a home charging station, or even change the current in order to start a fire.


WordPress 5.0 Patched to Fix Serious Bugs

One bug accidentally allowed Google to index user passwords.


Logitech Keystroke Injection Flaw Went Unaddressed for Months

The flaw allows a remote attacker to gain full access over a machine.


Save the Children Federation Duped in $1M Scam

A business email compromise campaign cost the Save the Children Federation $1 million.


Bomb Threats Emailed Around the World

Original release date: December 13, 2018 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), is aware of a worldwide email campaign targeting businesses and organizations with bomb threats. The emails claim that a device will detonate unless a ransom in Bitcoin is paid. If you receive a bomb threat email, NCCIC recommends the following actions: Do not respond or try to contact the sender. Do not pay the ransom. Report the email …
Read More »


WordPress Releases Security Update

Original release date: December 13, 2018 WordPress 5.0 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.0.1. This product is provided subject to this Notification and this Privacy & Use policy.


Grammarly Launches Public Bug Bounty Program

The online spell check platform is taking its private bounty program public in hopes of outing more threats.


Android Trojan Targets PayPal Users

The trojan purports to be a battery optimization app – and then steals up to 1,000 euro from victims’ PayPal accounts.


Google Releases Security Updates for Chrome

Original release date: December 12, 2018 Google has released Chrome Version 71.0.3578.98 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.


Supply Chain Security: Managing a Complex Risk Profile

Experts sound off on how companies can work with their third-party suppliers and partners to secure the end-to-end supply chain.