Valorant aimbot hack lures the unwary into malware infection
Many of us might need a helping hand to defeat our video game rivals, but you could end up shooting yourself in the foot. Read...
USN-5325-1: Zsh vulnerabilities
Sam Foxman discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this issue to regain dropped privileges. (CVE-2019-20044) It was discovered that...
UK Unveils New Cyber Flashing Law
People who send unsolicited sexual images could serve two years in prison Read More
Exclusive: iboss Issues School District Cybersecurity Warning
Research finds “startlingly low understanding” of cybersecurity risks among school leaders Read More
CVE-2021-24950
The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in the insight_customizer_options_import (available to any authenticated user), does not...
CVE-2021-24940
The Persian Woocommerce WordPress plugin through 5.8.0 does not escape the s parameter before outputting it back in an attribute in the admin dashboard, which...
CVE-2021-24897
The Add Subtitle WordPress plugin through 1.1.0 does not sanitise or escape the sub-title field (available only with classic editor) when output in the page,...
CVE-2021-24895
The Cybersoldier WordPress plugin before 1.7.0 does not sanitise and escape the URL settings before outputting it in an attribute, which could allow high privilege...
CVE-2021-24692
The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as Contributor to download any file on the web server...
Upcoming Speaking Events
This is a current list of where and when I am scheduled to speak: I’m participating in an online panel discussion on “Ukraine and Russia:...