Researchers at GoDaddy security have posted details of an XSS vulnerability in the Slimstat plugin, affecting over 100,000 sites. The WordPress Slimstat plugin, which currently has over 100k installs, allows your website to gather analytics data for your WordPress website. It will track certain information such as the browser and operating system details, plus page …
Threat actors have started scanning the internet for Windows systems that are vulnerable to the BlueKeep (CVE-2019-0708) vulnerability. This vulnerability impacts the Remote Desktop Protocol (RDP) service included in older versions of the Windows OS, such as XP, 7, Server 2003, and Server 2008. Microsoft released fixes for this vulnerability on May 14, as part …
Chip designer ARM has suspended business with Huawei, threatening the Chinese company’s ability to create its own chips. BBC News reports that ARM employees have been instructed to halt “all active contracts, support entitlements, and any pending engagements” with Huawei due to the US trade ban. The US has banned any US companies from doing …
Google announced today that it’s the latest tech giant after Facebook and Twitter to have accidentally stored user passwords unprotected in plaintext. G Suite users, pay attention. “Our authentication systems operate with many layers of defense beyond the password, and we deploy numerous automatic systems that block malicious sign-in attempts even when the attacker knows …
THE Irish data watchdog is probing the WhatsApp attack to determine if European users have been affected by the breach. WhatsApp has rushed to roll out a security fix after concerns were raised hackers could inject surveillance software on to phones via the call function. The app discovered a vulnerability that allowed attackers to install …
Following the arrest in 2018 of a number of suspected leaders of the notorious Fin7/Carbanak cyber-gang, the group was believed to have disbanded. But Kaspersky Lab researchers have detected a number of new attacks by the same groups using GRIFFON malware. According to the company’s experts, Fin7 might have extended the number of groups operating …
The discovery that hackers could snoop on WhatsApp should alert users of supposedly secure messaging apps to an uncomfortable truth: “End-to-end encryption” sounds nice — but if anyone can get into your phone’s operating system, they will be able to read your messages without having to decrypt them. According to a report in the Financial …
American law enforcement just took down a significant SIM hijacking ring. Federal agents have charged nine men with wire fraud and identity theft charges for participating in The Community, a group that transferred phone numbers to SIM cards in their possession, used those to take control of online accounts (particularly those with two-factor authentication) and …
In a series of sweeping announcements on Tuesday, Google announced it’s unveiling new privacy tools that would, if they lived up to the hype, let users restrict how companies track their online activities and compile and sell their personal data. Speaking at an annual conference for developers on Tuesday, Sundar Pichai, Google’s chief executive, delivered …
Research published on Monday by cyber threat intelligence company Intsights paints a bleak picture for cybersecurity across the global financial services industry. According to the report, more than 25% of all malware attacks hit banks and other financial services organizations, more than any other industry, and there were huge year-on-year increases in the numbers of compromised credit cards …