WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing
The security vulnerability can be exploited with a malicious CSV file.
A security vulnerability in the WooCommerce Multi Currency plugin could allow any customer to change the pricing for products...
Industrial Networks See Sharp Uptick in Hackable Security Holes
Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks.
It’s on: Adversaries, CISOs and researchers are all simultaneously involved...
Critical Security Hole Can Knock Smart Meters Offline
Unpatched Schneider Electric PowerLogic ION/PM smart meters are open to dangerous attacks.
Critical security vulnerabilities in Schneider Electric smart meters could allow an attacker a path to remote code execution...
Cyberattack on UVM Health Network Impedes Chemotherapy Appointments
The cyberattack has halted chemotherapy, mammogram and screening appointments, and led to 300 staff being furloughed or reassigned.
The University of Vermont (UVM) health network is scrambling to recover...
Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture
Culture of ‘insecure-by-design’ security is cited in discovery of bug-riddled operational technology devices.
Researchers discovered 56 vulnerabilities affecting devices from 10 operational technology (OT) vendors, most of which they’ve attributed...
Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms
A researcher was able to remotely control the lights, bed and ventilation in “smart” hotel rooms via Nasnos vulnerabilities.
LAS VEGAS – A series of vulnerabilities in internet of things...
GrowDiaries Exposes Emails, Passwords of 1.4M Cannabis Growers
Cannabis journaling platform GrowDiaries exposed more than 3.4 million user records online, many from countries where pot is illegal.
A database linked to GrowDiaries, an online community of cannabis growers, has exposed...
Top Threats your Business Can Prevent on the DNS Level
Web-filtering solutions, a must-have for businesses of any size, will protect your corporate network from multiple origins.
The Domain Name System (DNS) is the underlying fabric that connects almost...
Monero-Mining Campaign Blue Mockingbird Exploits Web Apps
The cybercriminals are utilizing a deserialization weakness, CVE-2019-18935, to accomplish remote code execution before moving horizontally through the enterprise.
A Monero digital currency mining effort has developed that abuses a...
Cloud Attacks Are Bypassing MFA, Feds Warn
CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted.
The Feds are warning that cybercriminals are bypassing multi-factor authentication (MFA) and...
