⚠️ VULNERABILITY DISCLOSURE 5[−]
17 NovSecurity plugin flaw in millions of WordPress sites gives admin accessA critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. [...]BLEEPINGCOMPUTER.COM
17 NovWeekly Update 426Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. I have absolutely no problem at all talking about the code I've screwed up. Perhaps that's partly because after 3 decades of writing software (and doing som…TROYHUNT.COM
17 NovAncient TP-Link Backdoor Discovered by Attackers, (Sun, Nov 17th)There are so many vulnerabilities in commonly used routers that attackers often leave many easily exploited vulnerabilities untouched, as they already have plenty of vulnerabilities to exploit.
ISC.SANS.EDU
17 NovRussian Hackers Exploit Windows Flaw with Just a Click! 😱Think you're safe on your Windows PC? Think again! A newly exploited Windows zero-day flaw, targeted by Russian attackers, can be triggered with just a single click—or even less. 😳 This vulnerability, found in the MSH TM engine, is considered 'medium severity,' but its ability to…YOUTUBE.COM
17 NovSecurity plugin flaw in millions of WordPress sites gives admin accesssubmitted by BrikoX to cybersecurity 24 points | 1 comments https://www.bleepingcomputer.com/news/security/security-plugin-flaw-in-millions-of-wordpress-sites-gives-admin-access/ A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin ‘Re…SH.ITJUST.WORKS
📢 SECURITY ADVISORIES 1[−]
17 NovDid You Know Microsoft Moved This to Purview? 🤯Did you know that Microsoft’s Purview isn’t just for compliance? 🤯 It’s a full governance suite! With features like encryption management, data loss prevention, and even eDiscovery, Purview has quietly become a powerhouse for cloud security. Many people don’t realize that key too…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 3[−]
17 NovPhishing emails increasingly use SVG attachments to evade detectionThreat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection. [...]BLEEPINGCOMPUTER.COM
17 NovPhishing emails increasingly use SVG attachments to evade detectionsubmitted by BrikoX to cybersecurity 28 points | 2 comments https://www.bleepingcomputer.com/news/security/phishing-emails-increasingly-use-svg-attachments-to-evade-detection/ Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or d…SH.ITJUST.WORKS
17 NovAncient TP-Link Backdoor Discovered by Attackerssubmitted by Joker to cybersecurity 37 points | 1 comments https://isc.sans.edu/diary/rss/31442SH.ITJUST.WORKS
📡 INFOSEC NEWS 2[−]
17 NovCrowdStrike, Elections, and Chaos in Maricopa County!When CrowdStrike’s system failed in Maricopa County, it left voters and officials scrambling on Election Day. 🗳️ Arizona’s battleground county faced unprecedented issues checking in voters, and the technical support had limited answers. What really went wrong with the election te…YOUTUBE.COM
17 NovThe Truth Behind Secure Apps: No, They’re NOT 100% SafeAre your apps really secure? 🔐 Joshua Marpet breaks down the surprising reality of app security and the myth of “100% safe” software. In this video, we dive into why absolute security is impossible and the steps developers must take to create safer apps. Discover the essential pr…YOUTUBE.COM