Critical hole in popular WordPress SEO plugin allows SQLi, site hijacking
Another highly popular WordPress plugin has been found sporting a cross-site request forgery flaw that can be exploited to mount a blind SQL injection attack, and could also …
Defending against PoS RAM scrapers
Stealing payment card data has become an everyday crime that yields quick monetary gains. Attackers aim to steal the data stored in the magnetic stripe of payment cards, …
Most businesses fail interim PCI compliance assessment
Nearly 80 percent of all businesses fail their interim PCI compliance assessment, leaving them vulnerable to cyberattacks, according to Verizon’s 2015 PCI Compliance …
Listen to your employees or deal with shadow IT
Data leakage, compliance breaches, business inefficiency and hidden costs are just some of the risks organizations are leaving themselves open to by not meeting the IT demands …
Huge IT Slider WordPress plugin opens SQL injection hole
The 50,000+ active users of the Huge IT Slider WordPress plugin are advised to update to the latest version, as it closes a vulnerability that can be exploited by website …
New crypto-ransomware encrypts video games files
A new piece of ransomware that (mis)uses the Cryptolocker “brand” has been analyzed by Bromium researchers, and they discovered that aside from the usual …
CS:GO players targeted with phishing attempt, malware
Typosquatting is an effective means to trick users into believing they have landed on the legitimate site they wanted to visit, so it’s no wonder that it’s often …
2,400 unsafe mobile apps found in average large enterprise
The average global enterprise has approximately 2,400 unsafe applications installed in its mobile environment, according to Veracode. Based on an analysis of hundreds of …
Cyber crooks take advantage of ad bidding networks to deliver ransomware
Malware peddlers are taking advantage of real time advertising bidding networks to deliver ransomware to unsuspecting users, FireEye researchers are warning. “Real Time …
Analysis of Equation Group’s espionage platform discovers another link to the NSA
Kaspersky Lab researchers continue to analyze the software and digital artifacts tied to the Equation Group, a nation-state threat actor that has been active for almost twenty …
How much pressure do infosec professionals face?
Businesses were under increased pressure to secure their organizations in 2014 and expect that pressure to increase in 2015, according to Trustwave. Survey respondents also …
As confidence sinks, cyber attacks rise
While IT security spending is increasing, confidence is falling. In surveying more than 800 security decision makers and practitioners, the CyberEdge Group found that more …
Featured news
Resources
Don't miss
- Quantifying cyber risk strategies to resonate with CFOs and boards
- Top 5 threats keeping CISOs up at night in 2025
- CISOs, are your medical devices secure? Attackers are watching closely
- Cybersecurity classics: 10 books that shaped the industry
- NIST selects HQC as backup algorithm for post-quantum encryption