WordPress Releases Security Update

Original release date: April 23, 2015 WordPress 4.1.2 has been released to address multiple vulnerabilities, one of which could allow a site to be compromised by a remote attacker. WordPress 4.1.1 and earlier are affected by this vulnerability. US-CERT recommends users and administrators review the WordPress Security Release and apply the necessary updates. This product Read more about WordPress Releases Security Update[…]

IC3 Warns of Cyber Attacks Focused on Law Enforcement and Public Officials

Original release date: April 21, 2015 The Internet Crime Complaint Center (IC3) has issued an alert warning that law enforcement personnel and public officials may be at an increased risk of cyber attacks. Doxing—the act of gathering and publishing individuals’ personal information without permission—has been observed. Hacking collectives may exploit publicly available information identifying officers Read more about IC3 Warns of Cyber Attacks Focused on Law Enforcement and Public Officials[…]

UK courts can now impose unlimited #DPA fines

Magistrates’ courts are no longer limited to £5,000 fines for criminal offences under the DPA following the entry into force of the Legal Aid, Sentencing and Punishment of Offenders Act 2012 (Fines on Summary Conviction) Regulations 2015 on 12th March 2015. The Regulations allow for an unlimited fine where individuals are convicted under section 55 Read more about UK courts can now impose unlimited #DPA fines[…]

Information Security

Oracle Releases April 2015 Security Advisory

Original release date: April 15, 2015 | Last revised: April 16, 2015 Oracle has released security fixes to address 98 vulnerabilities as part of its quarterly Critical Patch Update. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Read more about Oracle Releases April 2015 Security Advisory[…]

Information Security

Verizon 2015 Data Breach Report – nine common breach patterns

It’s that time of year again – Verizon has just released its data breach report looking back over the reported security incidents and confirmed breaches that occurred during 2014.  One of the key findings were that more than 92% of security incidents collected by Verizon over the last 10 years matched just nine attack patterns, providing at least a straw of hope to cling on to if you are an information security professional feel overwhelmed by the seemingly innumerable number of security threats out there.  Below is the stats-infested list of nine:

[…]

Adobe Releases Security Updates for Flash Player, ColdFusion, and Flex

Original release date: April 15, 2015 Adobe has released three security updates to address multiple vulnerabilities in Flash Player, ColdFusion, and Flex. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system, or lead to a reflected cross-site scripting attack. Users and administrators are encouraged to review Adobe Security Read more about Adobe Releases Security Updates for Flash Player, ColdFusion, and Flex[…]

Microsoft Releases April 2015 Security Bulletin

Original release date: April 14, 2015 Microsoft has released eleven updates to address vulnerabilities in Microsoft Windows. Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, information disclosure, or security feature bypass. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-032 – MS15-042 and apply the necessary Read more about Microsoft Releases April 2015 Security Bulletin[…]

Information Security

WP Super Cache Cross-Site Scripting (XSS) Vulnerability

Original release date: April 09, 2015 WP Super Cache, a WordPress plugin, contains a persistent XSS vulnerability in versions prior to 1.4.4. Exploitation of this vulnerability could allow a remote attacker to take control of the affected system. Users and administrators are encouraged to review the WP Super Cache Changelog for more information and update Read more about WP Super Cache Cross-Site Scripting (XSS) Vulnerability[…]

Information Security

Apple Releases Security Updates for OS X, iOS, Safari, and Apple TV

Original release date: April 08, 2015 Apple has released security updates for OS X, iOS, Safari, and Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of the affected system. Available updates include: OS X Yosemite v10.10.3 and Security Update 2015-004 for OS X Read more about Apple Releases Security Updates for OS X, iOS, Safari, and Apple TV[…]