April 13, 2015 WordPress Plugin Vulnerability Puts an Estimated 1 Million Sites at Risk of XSS Attacks 2 min read - A WordPress plugin vulnerability related to WP Super Cache could let cybercriminals create back doors, add new administrators or worse, experts say.
April 9, 2015 Security Flaw Pushes Mozilla to Disable Firefox Opportunistic Encryption Capability 2 min read - According to Mozilla, it has disabled its Firefox opportunistic encryption capability after a security flaw that allowed for MitM attacks was discovered.
Software Vulnerabilities April 8, 2015 The 10 Most Common Application Attacks in Action 4 min read - Based on OWASP's list of the 10 most common application attacks, IBM has created a video series highlighting each one and how organizations can stay safe.
April 7, 2015 BitTorrent Vulnerability Discovered as Sync Service Exits Beta 2 min read - A research advisory suggests cybercriminals could have exploited a BitTorrent vulnerability to include executable code via URLs in its Sync service.
Software Vulnerabilities April 6, 2015 Determining the Responsibility of a Vulnerability Disclosure 3 min read - When it comes to reporting a vulnerability disclosure, there are many discussions happening about what is right and what is "responsible."
April 3, 2015 DDoS Made Deadlier: Multicast DNS Vulnerability Could Affect More Than 100,000 Devices 2 min read - According to CERT, a miconfiguration in many devices could mean cybercriminals can exploit a multicast DNS vulnerability, making DDoS attacks worse.
April 2, 2015 Security Researcher: eBay Vulnerabilities Could Have Led to Drive-By Attacks 2 min read - A pair of eBay vulnerabilities could have let cybercriminals hide malware in image files and direct URLs to harmful sites, according to a researcher.
Intelligence & Analytics April 1, 2015 The Power of Community Defense: Using a Combination of Threat Intelligence, Information Sharing and Open Standards 2 min read - Using community defense, organizations can band together to promote increased information sharing to alert others about potentially dangerous threats.
March 27, 2015 Instagram API Bug: Picture Imperfect? 2 min read - Security researcher David Sopas of WebSegura claims there is a potentially massive hole in the Instagram API. Instagram has not yet made moves for a fix.
March 25, 2015 All Four Major Browsers Hacked in Pwn2Own Competition 3 min read - All four major browsers were hacked by security researchers at the Pwn2Own competition, which is designed to encourage responsible bug disclosures.