Revive Adserver patches two vulnerability, one of which may have been used to allow hackers to deliver malware to third-party websites. The open-source advertising platform Revive Adserver is urging customers to patch two vulnerabilities, one of which is critical and may have been exploited to allow hackers to deliver malware to third-party websites. Revive Adserver, […]
Part of a slew of patches from the networking vendor, the CVSS 9.8 bug allows remote takeover of a vulnerable device. A critical vulnerability in Cisco’s software-defined networking (SDN) software could allow an unauthenticated, remote attacker to connect to a vulnerable data-center switch and take it over, with the privileges of the root user. The […]
The adversaries have the hallmarks of an advanced, organized group, with well-established infrastructure. New details are emerging in the April attack on systems consulting behemoth Wipro, which saw its network hacked and used for mounting attacks on a dozen of its customers. In a fresh analysis of the indicators of compromise (IOCs), Flashpoint analysts said […]
Convincing phishing pages and millions of suspicious apps are plaguing tax season. Tax Day in the U.S. is looming on Monday, and as people rush to do their last-minute filing, scammers are out in full force, targeting consumers and businesses alike. According to RiskIQ numbers, the internet is awash in crafty schemes and dangerous threat […]
Security Risk: Dangerous Exploitation Level: Easy/Remote DREAD Score: 7/10 Vulnerability: SQL Injection Patched Version: 1.6.1 52 SHARES FacebookTwitterSubscribe As part of our regular research audits for our Sucuri Firewall, we discovered an SQL injection vulnerability affecting 40,000+ users of the Advanced Contact Form 7 DB WordPress plugin. Current State of the Vulnerability This plugin saves […]
U.S. Senators Roy Blunt and Brian Schatz, members of the Senate Committee on Commerce, Science, & Transportation, introduced the Commercial Facial Recognition Privacy Act of 2019. The bipartisan legislation would strengthen consumer protections by prohibiting commercial users of facial recognition technology (FR) from collecting and re-sharing data for identifying or tracking consumers without their consent. […]
Mastercard, in collaboration with Microsoft, Workday and the nonprofit, nonpartisan Partnership for Public Service, launched the Cybersecurity Talent Initiative – a public-private partnership to recruit the nation’s best minds to defend against global cyberattacks. The Cybersecurity Talent Initiative is a new program to help reduce the critical talent gap and support the next generation of […]
Google today announced that it is expanding its research around quantum computing and that it has hired UC Santa Barbara’s (UCSB) John Martinis and his team — one of the most prolific research groups in this area — to work on new quantum processors based on superconducting electronics. Researchers in Martinis’ lab were among the […]
Phishing emails target a bank’s users with malware – and make their landing page look more legitimate with fake Google reCAPTCHAs. A recently-discovered phishing scam was found peddling malware, using a new technique to mask its malicious landing page: A fake Google reCAPTCHA system. The campaign targeted a Polish bank and its users with emails, […]