vulnerability

Zoom bug meant attackers could brute force their way into password-protected meetings

Zoom has patched a security hole that could have allowed attackers to break their way into password-protected private calls.

Read more in my article on the Hot for Security blog.

Thousands of websites at risk from critical WordPress commenting plugin vulnerability

A critical vulnerability in a third-party comments plugin installed on over 70,000 websites running WordPress could allow hackers to execute malicious code remotely.

If you’re using the wpDIscuz commenting plugin, make sure you’ve kept it up to date – or your website might be hijacked… or wiped.

Read more in my article on the Hot for Security blog.

A free iPhone from Apple? It’s possible, but there are some catches

Who wouldn’t want the latest and greatest iPhone for free?

Well, if you’re a security researcher then you might be able to get just that…

Insecure IoT devices could be banned and destroyed if they fail to meet UK security standards

IoT devices could be banned from sale and destroyed if they fail to meet basic security standards, according to proposals put forward by the UK Government.

Read more in my article on the Bitdefender BOX blog.

Find a Playstation 4 vulnerability and earn over $50,000

Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network?

You could be heading towards a sizeable sum of money, after Sony announced details of its new bug bounty program. Just be sure to play by the rules…

Read more in my article on the Tripwire State of Security blog.

Your “smart” household appliance might have a short lifespan

Are you itching for an internet fridge? Hankering for a smart washing machine? Thirsting for an IoT-enabled thermostat?

Well, think twice before you make a potentially costly mistake when deciding what appliance you will be next be purchasing for your home.

Read more in my article on the Bitdefender BOX blog.

Pablo Escobar’s brother says FaceTime flaw revealed his address, sues Apple for a publicity stunt (and $2.6 billion)

As YouTubers warn the public not to buy smartphones from Escobar Inc, the notorious drug lord’s brother orchestrates a publicity stunt.

Read more in my article on the Hot for Security blog.

Mitsubishi hackers may have stolen details of prototype missile

Hackers exploited vulnerabilities in one of Trend Micro’s anti-virus products last year to steal information from Japanese manufacturer Mitsubishi Electric.

Now, the Japanese Defense Ministry believes the state-sponsored hackers may have been after details of a prototype missile.

FBI warns hackers are planting card skimmers on online stores running a vulnerable Magento plugin

The FBI has issued a “flash alert” warning that hackers are planting Magecart-style credit card-skimming code on Magento-powered online stores running an out-of-date plugin.

The most-targeted security vulnerabilities – despite patches having been available for years

Newly-discovered zero-day vulnerabilities may make the biggest headlines, but that doesn’t mean that they’re necessarily the thing that will get your company hacked.

This week, US-CERT has published its list of the “Top 10 Routinely Exploited Vulnerabilities”.

Read more in my article on the Tripwire State of Security blog.

For six years Samsung smartphone users have been at risk from critical security bug. Patch now

Samsung has released a security update for its popular Android smartphones which includes a critical fix for a vulnerability that affects all devices sold by the manufacturer since 2014.

Read more in my article on the Tripwire State of Security blog.

Ghost blogging platform suffers security breach

Scary stuff as hackers exploit Salt vulnerability in attempt to mine cryptocurrency on breached blogging platform’s servers.

A GIF image could have let hackers hijack Microsoft Teams at your firm

A critical vulnerability has been patched in the Microsoft Teams work collaboration platform after security researchers discovered a way in which hackers could compromise accounts and steal data with a seemingly harmless .GIF image.

Read more in my article on the Bitdefender Business Insights blog.

Hackers’ malicious script skimmed credit card details off Robert Dyas website

UK DIY, electricals, and houseware chain Robert Dyas has revealed that malicious code on Robert Dyas’s payment page was secretly skimming the credit card details of customers and sending them to hackers.

Text ‘bomb’ crashes iPhones, iPads, Macs and Apple Watches – what you need to know

An innocent-looking message, containing characters in the Sindhi language, can cause your iPhone to crash without warning.

Read more in my article on the Hot for Security blog.

A Zoom zero-day exploit is up for sale for $500,000

There are reportedly two zero-day vulnerabilities present in the latest versions of Zoom for Windows and macOS – and exploits for the unpatched flaws are being actively hawked to anyone who might be prepared to pay.

Read more in my article on the Tripwire State of Security blog.