The threat intelligence team at security firm Wordfence discovered a Cross-Site Request Forgery (CSRF) to Stored Cross-Site Scripting (XSS) vulnerability in Contact Form 7 Style, a WordPress plugin installed on over 50,000 sites. The vulnerability, with a CVSS score of 8.8, could allow a...
Woodland Trust, a charitable trust organization that protects and restores woodland in England, Scotland, Northern Ireland, and Wales, was hit by a sophisticated, high-level cyberattack in December 2020. Woodland Trust stated that unknown attackers illicitly obtained access to the...
In an exclusive interview with Brian Pereira of CISO MAG, Umesh Padval, Venture Partner at Thomvest Ventures, shares his thoughts on the current and future state of cybersecurity from a VC perspective. He also tells us about the type...
Today, everywhere you turn, there are warnings about the surge in cybercrimes, as miscreants take advantage of the globe's newfound dependence on the virtual world. This has also drawn attention to the breeding ground of cybercrime – the dark...
Fortinet, a cybersecurity solutions provider, has addressed four critical vulnerabilities in its FortiWeb web application firewalls. Tracked as CVE-2020-29015, CVE-2020-29016, CVE-2020-29019, and CVE-2020-29018, the vulnerabilities were discovered by Andrey Medov, a security researcher from Positive Technologies. Vulnerability Details CVE-2020-29015 – This vulnerability exists...
In December 2020, we reported a data leak that potentially exposed 45 million unique medical images due to unprotected servers. It exposed the increasing vulnerability of the health care industry to ever-rising cyberthreats. However, the U.S. Food and...
Since organizations are working remotely, most IT and cloud security professionals globally are concerned about their cloud environment's security. Besides, the security vulnerabilities created during the adoption of new access policies, networks, and devices used for managing cloud infrastructure...
The U.S. National Cyber Investigative Joint Task Force (NCIJTF) published a new ransomware fact sheet intended to raise public awareness of the ransomware threat landscape. The fact sheet details critical information on the current ransomware threat scenario and the government’s...
Adversaries posted sensitive information of 3.2 million DriveSure users on the underground hacking forum Raidforums. Dubbed “pompompurin,” the hacker group advertised the leaked files and user data in a post, as proof of compromise. DriveSure is a car...
Malware is often on the lookout for newer ways to sneak in and evade security. One such malware is Agent Tesla. It is an information stealer and Remote Access Trojan (RAT) active since 2014. It remained as one of the...