Critical Vulnerability in WordPress Plugin

Critical Vulnerability in Wordpress Plugin

High-Tech Bridge’s Research Team has identified a critical vulnerability in WordPress’ Gwolle Guestbook plugin, which has over 10,000 active installations. The vulnerability, a PHP File inclusion, could result in an attacker controlling a filename or reading and writing files, and arbitrary code on the target systems, with web server privileges. Marcel Pol, the vendor, has been […]

America’s Thrift Stores Data Breach

America's Thrift Stores Data Breach

As you’re probably aware, America’ Thrift Stores have announced that it recently learned it was the victim of a malware-driven security breach that targeted software used by a third-party service provider. “This breach allowed criminals from Eastern Europe unauthorized access to some payment card numbers,” the company’s CEO said in a statement. “This virus/malware, is […]

Dow Jones Discloses Data Breach

Dow Jones Discloses Data Breach

The latest victim of cybercrime is Dow Jones & Co., which revealed that it was attacked by hackers seeking customer contact information. While contact info was the target of the breach, up to 3,500 payment card accounts may have been compromised. Ken Westin, senior security analyst with Tripwire have the following comments on it. [su_note […]

EU Court Rules ‘Safe Harbour’ Invalid

EU Court Rules 'Safe Harbour' Invalid

The European Court of Justice has ruled that the ‘Safe Harbour’ agreement that allowed the transfer of European citizens’ data to the US is no longer valid. The EUCJ ruled that the agreement that went into force in 2000 was invalid because it does not adequately protect consumers in the wake of the Snowden revelations. This means that […]

Cost of Cyber Crime Up by $15mil

Cost of Cyber Crime Up by $15mil

The cost of cyber crime in the US has risen by $15 million according to a new Ponemon report sponsored by Hewlett-Packard. The Cost of Cyber Crime Study also examined global costs, which are not as high on average as those in the U.S. For the 2015 study, the global average annualized cost of cyber-crime […]

EMV Transition Considerations for Security Pros

Against the backdrop of an unprecedented growth of cybercrime, October 1 marked a significant milestone as the US embarked upon a program to mandate adoption of the EMV (Eurocard/Mastercard/Visa) card security standard to further reduce crime. Created in 1993, and based on an earlier European fraud-reduction standard established in 1986, EMV introduces chip-based security measures […]

Dynamic Software Reconciliation App

Dynamic Software Reconciliation App

Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, announced the new Dynamic Software Reconciliation App for Tripwire® Enterprise. The new app provides users with a reliable and authoritative method to identify all legitimate changes seen during and after security patch installation. The Tripwire Dynamic Software Reconciliation App dramatically reduces the […]

Lingering Data After Used Electronics are Resold Online

Lingering Data

57 Percent of Used Mobile Devices and 75 Percent of Used Drives Purchased from Amazon, eBay and Gazelle Have Unsuccessful Deletion Attempts Previously Made A new global data security study from Blancco Technology Group and Kroll Ontrack found varying amounts and types of residual data on used mobile devices, hard disk drives and solid state […]