04 Sep: WP Security: 1 premium theme vulnerability in AUG 2018

For your WP Security, be informed about the latest vulnerabilities in WordPress themes: Supreme Directory Theme Unauthenticated Cross-Site Scripting (XSS) reported by Franciny Salles and Flavio Landivar (http://www.hackingxsolutions.com/). This theme has a parameter, s, that allows execute a xss payload: ">". The software does not neutralize or incorrectly neutralizes user-controllable...


15 Aug: Advanced Persistent Threats: The Lazarus Group

State-sponsored attackers and established cybercriminals usually reserve their efforts for the biggest, most high-profile targets. But in 2017, they began going after smaller targets. Advanced persistent threats (APTs) are far more difficult to detect and defend against than other types of cyber attacks. They have significant resources, proven capabilities and...


13 Aug: New Attack Vectors: CLOUD SERVICES

Social Engineering exploits More businesses are moving to the cloud, creating new kinds of risk. Analysing how attackers are getting access to this infrastructure—and how some users are inadvertently misusing it — provides critical insight into how to better protect against these new threats. The cloud and software-as-a-service (SaaS) apps...