WordPress Bit Form – Contact Form Plugin Plugin <= 2.13.10 is vulnerable to Arbitrary File Upload

Software Bit Form – Contact Form Plugin Type Plugin Vulnerable versions = 2.13.10 Fixed in 2.13.11 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-47319 Patch priority Low CVSS severity Low 8 Developer Claim ownership PSID 4ad1bd9ca230 Credits Certus Cybersecurity...

Webinar: Discover the All-in-One Cybersecurity Solution for SMBs

In today's digital battlefield, small and medium businesses SMBs face the same cyber threats as large corporations, but with fewer resources. Managed service providers MSPs are struggling to keep up with the demand for protection. If your current cybersecurity strategy feels like a house of cards...

CISA Announces Launch of Logging Made Easy

Today, CISA announces the launch of a new version of Logging Made Easy LMElink is external, a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. CISA’s version reimagines technology developed by the United Kingdom’s National Cyber...

Is Cybersecurity Awareness Month Anything More Than PR?

Cybersecurity Awareness Month has been going on since 2004. This year, Cybersecurity Awareness Month urged the public, professionals, and industry partners to "see themselves in cyber" in the following ways: 1. The public, by taking action to stay safe online. 2. Professionals, by joining the cyb...

[The Lost Bots] S02E05: The real magic in the Magic Quadrant

!\The Lost Bots\ S02E05: The real magic in the Magic Quadranthttps://blog.rapid7.com/content/images/2022/10/The-Lost-Bots-logo-large.png In this episode, we discuss the best use of market research reports, like Magic Quadrants and Waves. If you're in the market for a new cybersecurity solution, d...

Business email compromise campaign targets wide range of orgs with gift card scam

Cybercriminals continue to target businesses to trick recipients into approving payments, transferring funds, or, in this case, purchasing gift cards. This kind of email attack is called business email compromise BEC—a damaging form of phishing designed to gain access to critical business...

Akamai Prolexic and Equinix Cloud Exchange Unite, Bringing DDoS Defense Closer to the Customer Origin

In terms of cyberthreats and digital risk, 2020 has been all about DDoS attacks. We've seen threat actors launch record breaking 1.44 Tbps and 809 Mpps attacks, cybercriminals conduct the largest global DDoS extortion campaign, and a significant uptick in cyberweek DDoS attacker activity aimed at...

Tigera Calico Information Disclosure Vulnerability

Tigera Calico is an open source cybersecurity solution for container, virtual machine, and host workloads from US-based Tigera. An information disclosure vulnerability exists in Tigera Calico 3.14.0 and earlier and Calico Enterprise 2.8.2 and earlier, which stems from a program that does not...

Webinar — Autonomous Breach Protection: The New Security Paradigm Shift

Organizations today struggle with multi-product security stacks, that are expensive to purchase and maintain and also require a highly skilled security team to manually integrate and operate. The current Coronavirus crisis that has imposed a strict quarantine on organizations and security teams...

Securing Our Connected Car Future with Panasonic

There are few more exciting frontiers of the Internet of Things IoT than connected cars. Gartner predicts that there will be 61 million vehicles with built-in connectivity on our roads by 2020. But as we drive ever closer to a future where autonomous vehicles are a commonplace sight, we must be...