CISA warns of remote code execution vulnerability with Discourse

CISA urged developers to update Discourse versions 2.7.8 and earlier in a notice sent out on Sunday, warning that a remote code execution vulnerability was tagged as “critical.” …

Site Deletion Vulnerability in Hashthemes Plugin

WordFence – On August 25, 2021,…

GCHQ Boss: Ransomware Has Doubled in a Year

The volume of ransomware attacks on UK organizations has doubled over the past year, a British spy chief has warned. Director of…

Home Affairs in talks to give telco more blocking powers against malicious messages

The Department of Home Affairs is in talks with the telecommunications industry to provide more powers to telcos for blocking spam and malicious content. “We are in…

SolarWinds hackers, Nobelium, hit cloud providers and resellers

So far, Microsoft has informed 140 companies about the new attack campaign being carried out by Nobelium, 14 of which were compromised by the group. The IT security researchers at…

Defending Assets You Don’t Know About Against Cyberattacks

No security defense is perfect, and shadow IT means no company can inventory every single asset that it has. David “moose” Wolpoff, CTO at Randori, discusses strategies for core asset…

BQE Web Suite Billing App Rigged to Inflict Ransomware

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware. Threat actors have been…

BillQuick Billing App Rigged to Inflict Ransomware

A SQL injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors remotely execute code and deploy ransomware. Threat actors are picking…

BillQuick says patch coming after Huntress report identifies vulnerabilities used in ransomware attack

BillQuick has said a short-term patch will be released addressing some of the vulnerabilities identified this weekend by cybersecurity firm Huntress. In a blog post on Friday, Huntress security researcher…

What is a cybersecurity degree?

Cybersecurity schools train ethical hackers and information security analysts. A cybersecurity degree can help learners launch careers in this high-demand, lucrative field. Degree-seekers study cybersecurity at the undergraduate and graduate…