CVE-2012-10014

Read Time:28 Second

A vulnerability classified as problematic has been found in Kau-Boy Backend Localization Plugin 2.0 on WordPress. Affected is the function backend_localization_admin_settings/backend_localization_save_setting/backend_localization_login_form/localize_backend of the file backend_localization.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 36f457ee16dd114e510fd91a3ea9fbb3c1f87184. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227232.

Read More

CVE-2012-10013

Read Time:25 Second

A vulnerability was found in Kau-Boy Backend Localization Plugin up to 1.6.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the file backend_localization.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.0 is able to address this issue. The name of the patch is 43dc96defd7944da12ff116476a6890acd7dd24b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-227231.

Read More

Flashpoint releases Ignite platform with threat intelligence reports, rule-based alerts

Read Time:32 Second

Threat intelligence firm Flashpoint has announced the release of Ignite, a new intelligence platform built to accelerate cross-functional risk mitigation and prevention across vulnerability management and security teams, including those in law enforcement, state and local government, and federal civilian agencies. Designed for practitioners, Ignite delivers real-time pictures of pertinent risks while reducing silos that can result from disparate intelligence feeds from multiple partners, helping organizations in the private and public sectors reduce exposure to cyber threats and tackle national security risks, Flashpoint said. The platform was announced during RSA Conference in San Francisco.

To read this article in full, please click here

Read More

OT giants collaborate on ETHOS early threat and attack warning system

Read Time:47 Second

One of the greatest fears among government officials and security experts is a crippling cyberattack on industrial organizations that run essential services, including electricity, water, oil and gas production, and manufacturing systems. The proprietary and complex nature of the operational technology (OT) tools used in these systems, not to mention their rapid convergence with IT technology, makes securing OT systems a chronic, high-stakes challenge.

The growing demand for greater OT and industrial control system (ICS) security expertise has led to the rise of a vibrant group of OT security companies that vigorously compete with one another to grab customers in the growing space. These competitors are setting aside their rivalries to collaborate on a new vendor-neutral, open-source, and anonymous OT threat early warning system called ETHOS (Emerging Threat Open Sharing) that aims to share data on early threat indicators and discover new and novel attacks.

To read this article in full, please click here

Read More