Email Security Flaw Found in the Wild

Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world.

TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. Most of this activity occurred after the initial fix became public on GitHub. To ensure protection against these types of exploits, TAG urges users and organizations to keep software fully up-to-date and apply security updates as soon as they become available.

The vulnerability was discovered in June. It has been patched…

What are the most common types of cyberattacks?

To protect ourselves, we need to understand how the threat works and where it comes from. Cyberthreats are malicious attempts made against an organization or individual to obtain sensitive data and use it for personal gain.
These criminals…

Despite COVID-19 pandemic, Imperva reports number of vulnerabilities decreased in 2020

Imperva’s report, The State of Vulnerabilities in 2020, has revealed that unlike in previous years, researchers observed a fall in the number of vulnerabilities last year, even as businesses were compelled to accelerate digital transformation processes …

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover

Two security vulnerabilities — one a privilege-escalation problem and the other a stored XSS bug — afflict a WordPress plugin with 40,000 installs.

Bugcrowd Report Shows Marked Increase in Crowdsourced Security

The impact of the novel coronavirus pandemic on how enterprises work—and secure their workers and data—will last for years. And while the long-term ramifications are yet to be known, a recent survey from Bugcrowd shows a marked increase in crowdsource…

Bug-Bounty Awards Spike 26% in 2020

The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify.