-
Critical flaw found in WordPress plugin used on over 300,000 websites
A WordPress plugin used on over 300,000 websites has been found to contain vulnerabilities that could allow hackers to seize control. Security researchers at Wordfence found two critical flaws in the POST SMTP Mailer plugin. Read more in my article on the Tripwire State of Security blog. Read More
-
Environmental Websites Hit by DDoS Surge in COP28 Crossfire
Content delivery provider Cloudflare observed a staggering surge in DDoS attacks against environmental services during COP28 Read More
-
Voice Cloning with Very Short Samples
New research demonstrates voice cloning, in multiple languages, using samples ranging from one to twelve seconds. Research paper. Read More
-
British Library Catalogue Back Online After Ransomware Attack
The main British Library catalogue will be back online on Monday, January 15, as the institution continues its technical rebuild following the ransomware attack last year Read More
-
Security Experts Urge IT to Lock Down GitHub Services
A new Recorded Future report warns of growing abuse of GitHub and recommends blocking risky services Read More
-
HelloFresh Fined £140K After Sending 80 Million Spam Messages
The ICO has fined HelloFresh £140,000 for breaking privacy laws with a spam marketing campaign Read More
-
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the International PolCampaigns Expo (IPE24) in Cape Town, South Africa, January 25-26, 2024. The list is maintained on this page. Read More
-
Friday Squid Blogging: Giant Squid from Newfoundland in the 1800s
Interesting article, with photographs. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
CISA Urges Critical Infrastructure to Patch Urgent ICS Vulnerabilities
CISA’s advisory provides mitigations for vulnerabilities in ICS products used in critical infrastructure industries like energy, manufacturing and transportation Read More
-
Waiting for Your Pay Raise? Cofense Warns Against HR-Related Scams
Email security provider Cofense outlined some of the most common HR-related scams and phishing campaigns it has observed Read More