Week in review: BlueKeep, GitHub automated security fixes, reducing the threat of legacy apps
Here’s an overview of some of last week’s most interesting news, articles and podcasts: Attackers are exploiting WordPress plugin flaw to inject malicious scripts …
Chrome extension devs must drop deceptive installation tactics
After announcing its intention to limit third-party developers’ access to Chrome’s webRequest API, which is used by many ad-blocking extensions to filter out …
Siemens LOGO!, a PLC for small automation projects, open to attack
LOGO!, a programmable logic controller (PLC) manufactured by Siemens, sports three vulnerabilities that could allow remote attackers to reconfigure the device, access project …
Researchers fight ransomware attacks by leveraging properties of flash-based storage
Ransomware continues to pose a serious threat to organizations of all sizes. In a new paper, “Project Almanac: A Time-Traveling Solid State Drive,” University of …
New infosec products of the week: May 31, 2019
SailPoint Predictive Identity platform: The future of identity governance SailPoint unveiled the SailPoint Predictive Identity platform, the intelligent cloud identity …
What mechanisms can help address today’s biggest cybersecurity challenges?
In this Help Net Security podcast, Syed Abdur Rahman, Director of Products with unified risk management provider Brinqa, talks about their risk centric knowledge-driven …
Researchers spot manipulated photos and video using AI-driven imaging system
To thwart sophisticated methods of altering photos and video, researchers at the NYU Tandon School of Engineering have demonstrated an experimental technique to authenticate …
Attackers are exploiting WordPress plugin flaw to inject malicious scripts
Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …
G Suite to get Gmail confidential mode, on by default
Earlier this year, Google introduced Gmail confidential mode for both consumer and G Suite users. While the former were able to use it immediately, the latter depended on …
A veteran’s look at the cybersecurity industry and the problems that need solving
For many in the infosec industry, Daniel Miessler needs no introduction, as he’s a 20-year industry veteran, a professional that fulfilled a variety of security roles at …
Majority of CISOs plan to ask for an increase in cybersecurity investment
Most CISOs of financial institutions (73 percent) plan to ask their organization’s CFO for an increase in cybersecurity investments in the next year, according to the …
Security overconfidence and immaturity continue to endanger organizations
The majority of organizations are ill-prepared to protect themselves against privileged access abuse, the leading cyber-attack vector, according to Centrify and Techvangelism. …
Featured news
Resources
Don't miss
- Hottest cybersecurity open-source tools of the month: November 2025
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites