Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC
Posted in WordPress Security on December 18, 2017, by Mark Maunder “A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3 am Universal Time, 7 pm Pacific Time. The attack is broad in that it … Continue reading →
Awareness Officers – What to Communicate About the Equifax Hack
Security Awareness Blog 08 Sep 2017 As most of you have read by now, Equifax was hacked. Equifax is one of four credit rating services, called Credit Bureaus (the other three are Experian, Trans Union and Innovis). This means they harvest … Continue reading →
JetBlue Flight operations updates: FAA Statement on Samsung Galaxy Note 7
Please be advised, the Federal Aviation Administration has issued a precautionary recommendation for customers traveling with a Samsung Galaxy Note 7 mobile device following reports of potential safety concerns. In accordance with this guidance, customers are requested not to turn on … Continue reading →
Vulnerability in WordPress Core: Bypass any password protected post. CVSS Score: 7.5 (High)
The WordPress Core team have just released WordPress version 4.5.3 which is a maintenance and security release. The release went out less than 2 hours ago. WordPress allows you to create posts that are protected by a password and only … Continue reading →
SANS June OUCH! Security Awareness Newsletter
OUCH! Security Awareness Newsletter From SANS Securing The Human Folks, We are excited to announce the June issue of OUCH! This month, led by Guest Editor Francesca Bosco, a privacy lawyer at the United Nations, we focus on encryption. Far too … Continue reading →
Microsoft® Windows® Users Advised to Uninstall Apple® QuickTime
From Trend Micro Team: Microsoft® Windows® users are being advised to uninstall Apple® QuickTime as soon as possible. Apple announced they are no longer supporting QuickTime for Microsoft Windows, meaning Apple will not be fixing any more security vulnerabilities within the … Continue reading →
Vulnerability in User Role Editor – Users Can Become Admins by Mike of Wordfence
Vulnerability in User Role Editor – Users Can Become Admins by Mark Maunder, Wordfence Founder & CEO There is a major vulnerability in a popular plugin with over 300,000 active installs: User Role Editor 4.24 and older. The vulnerability allows any registered … Continue reading →
How Attackers Gain Access to WordPress Sites by Dan Moen
How Attackers Gain Access to WordPress Sites From Dan Moen, Wordfence Blog On this blog we write a lot about different vulnerabilities that could lead to site compromise. In our Learning Center we go deep on a myriad of important topics … Continue reading →
SANS March OUCH! Security Awareness Newsletter
OUCH! Security Awareness Newsletter From SANS Securing The Human Folks, We are excited to announce the March issue of OUCH! This month, led by Guest Editor Lenny Zeltser, we focus on malware. Specifically, what malware is and the key steps you … Continue reading →