News list page

A widely-publicised Drupal flaw dubbed "Drupalgeddon2" has been exploited to cryptojack more than 340 government, corporate, and university websites.

An AutoFill plugin offered to LinkedIn members was affected by a bug that could have allowed an attacker to steal users’ personal data without them knowing. LinkedIn has long offered an AutoFill button plugin for paying marketing solutions customers, who can add the button to their websites to let LinkedIn users fill in profile data with a single click. Unfortunately, little did uses know that they were exposing sensitive information like email addresses, telephone numbers and job details.

TaskRabbit, a web-based service that connects freelance handymen with clients in various local US markets, has emailed customers admitting it suffered a security breach. The company has taken down its app and website while law enforcement and a private cyber-security firm are investigating the incident. IT security experts commented below.

"Bug bounty programmes offer a way for organisations to 'outsource' application security testing, but it comes at a cost"

Martin Jartelius, CSO at security company Outpost24, advised Cisco customers to remove any switches they are not using to help mitigation against such attacks in future.

Martin Jartelius, CSO at Outpost24. “The breach occurred last year and remain undetected until a week ago. Customers should always be attentive to their card transactions.”

Usability and deployment options enable Scale and SWAT to meet a wider range of Application Security Testing needs

Acquisition accelerates delivery of cloud, container, and virtualized security assessments to reduce business risk

For almost two years, vulnerabilities identified by Outpost24 in several property management systems in Sweden were left unprotected, leaving it wide open for hackers to gain back door access to critical control systems for housing associations and commercial properties.

Outpost24, a leading provider of Vulnerability Management solutions for commercial and government organizations, announced today the newest versions of their solution for network, web application, and compliance scanning.  With the Autumn 2017 release, Outpost24 delivers innovative capabilities for any organization that is uncertain about their GDPR posture or how to monitor it over time.