This Month in Cybersecurity - January Edition

WordPress Plugin Containing Vulnerabilities Found in over 300,000 Websites

According to security researchers, there were two flaws found inside of a Mailer Plugin associated with WordPress hosted websites discovered in the month of December. The researchers stated that the flaws affected over 300,000 websites and were discovered within a few weeks of each other. One flaw allowed for the hijacking of the password reset function through the plugin’s authentication API and the other allowed for threat agents to insert dangerous or malicious code into the webpages.

Read More

Navigating the Challenges of SSPR: A Balanced View on the DFS Industry Letter

Discover practical insights in our latest blog post on navigating the complexities of Self-Service Password Reset (SSPR) systems for small businesses. As we delve into the New York State Department of Financial Services (DFS)'s recent guidelines, we uncover the unique challenges faced by smaller entities in implementing these security measures. Learn about the real-world implications of the DFS's recommendations and explore viable, resource-conscious compensating controls. This post is a must-read for small business owners and information security professionals seeking practical solutions in a landscape dominated by stringent security demands. Stay ahead in information security with our expert analysis and tailored advice.

Read More