WordPress Plugin Removed After Zero Day Discovered
The plugin, Social Warfare, is no longer listed after a cross site scripting flaw was found being exploited in the wild.
Hackers Take Down Safari, VMware and Oracle at Pwn2Own
On the first day of Pwn2Own 2019 hackers poked holes in Apple Safari, VMware Workstation and Oracle VirtualBox.
Cisco Patches High-Severity Flaws in IP Phones
The most serious vulnerabilities in Cisco’s 8800 Series IP Phones could allow unauthenticated, remote attackers to conduct a cross-site request forgery attack or write arbitrary files to the filesystem.
Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats
Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.
Host of Flaws Found in CUJO Smart Firewall
Some of the flaws would allow remote code-execution.
Researcher Says NSA’s Ghidra Tool Can Be Used for RCE
Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users.
ThreatList: DDoS Attack Sizes Drop 85 Percent Post FBI Crackdown
The FBI’s crackdown on 15 DDoS-for-hire sites appears to have had an impact on DDoS attacks, the average size for which dropped 85 percent in the fourth quarter of 2018, a new report found.
Mirai Variant Goes After Enterprise Systems
The newest Mirai variant is targeting WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs used by enterprises.
Privacy Regulations Needed for Next-Gen Cars
With wide deployment expected in the next decade, the driverless automobile landscape looks fraught – from road safety to data protection.
Lenovo Patches High-Severity Arbitrary Code Execution Flaws
Lenovo has issued patches for several serious vulnerabilities in its products stemming from Intel technology fixes.
