Stubborn WooCommerce Plugin Bugs Get Third Patch
Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.
Read moreVulnerabilities
Mozi Botnet Accounts for Majority of IoT Traffic
Mozi’s spike comes amid a huge increase in overall IoT botnet activity.
Read moreApple Bug Allows Code Execution on iPhone, iPad, iPod
Release of iOS 14 and iPadOS 14 brings fixes 11 bugs, some rated high-severity.
Read moreAPT41 Operatives Indicted as Sophisticated Hacking Activity Continues
Five alleged members of the China-linked advanced threat group and two associates have been indicted by a Federal grand jury, on dozens of charges.
Read moreHackers Continue Cyberattacks Against Vatican, Catholic Orgs
The China-linked threat group RedDelta has continued to launch cyberattacks against Catholic institutions since May 2020 until as recently as last week.
Read moreBluetooth Spoofing Bug Affects Billions of IoT Devices
The ‘BLESA’ flaw affects the reconnection process that occurs when a device moves back into range after losing or dropping its pairing, Purdue researchers said.
Read moreIBM Spectrum Protect Plus Security Open to RCE
Two bugs (CVE-2020-4703 and CVE-2020-4711) in IBM’s Spectrum Protect Plus data-storage protection solution could enable remote code execution.
Read moreWindows Exploit Released For Microsoft ‘Zerologon’ Flaw
Security researchers and U.S. government authorities alike are urging admins to address Microsoft’s critical privilege escalation flaw.
Read moreMFA Bypass Bugs Opened Microsoft 365 to Attack
Vulnerabilities ‘that have existed for years’ in WS-Trust could be exploited to attack other services such as Azure and Visual Studio.
Read moreFeds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs
Monday’s CISA advisory is a staunch reminder for federal government and private sector entities to apply patches for flaws in F5 BIG-IP devices, Citrix VPNs, Pulse Secure VPNs and Microsoft Exchange servers.
Read more