Critical Security Flaw in WordPress Plugin Allows RCE
WordPress plugin Comments – wpDiscuz, which is installed on over 70,000 sites, has issued a patch.
Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems
Algorithms clocked error rates of between 5% to 50% when comparing photos of people wearing digitally created masks with unmasked faces.
OkCupid Security Flaw Threatens Intimate Dater Details
Attackers could exploit various flaws in OkCupid’s mobile app and webpage to steal victims’ sensitive data and even send messages out from their profiles.
APT trends report Q2 2020
For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They…
Lazarus Group Brings APT Tactics to Ransomware
A new ransomware, VHD, was seen being delivered by the nation-state group’s multiplatform malware platform, MATA.
Podcast: Security Lessons Learned In Times of Uncertainty
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2020.
Researchers Warn of High-Severity Dell PowerEdge Server Flaw
A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.
Lazarus on the hunt for big game
We may only be six months in, but there’s little doubt that 2020 will go down in history as a rather unpleasant year. In the field of cybersecurity, the collective hurt mostly crystallized around the increasing prevalence of targeted ransomware attacks. By investigating a number of these incidents and through discussions with some of our…
Microsoft Revamps Windows Insider Preview Bug Bounty Program
Researchers can earn up to $100,000 for finding vulnerabilities in Microsoft’s revamped Windows Insider Preview bug bounty program.
Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns
Attackers are exploiting a high-severity vulnerability in Cisco’s network security software products, which is used by Fortune 500 companies.