Unpatched Vulnerability: 50,000 WP Sites Must Find Alternative for Contact Form 7 Style
On December 9, 2020, the Wordfence Threat Intelligence team discovered a Cross-Site Request Forgery (CSRF) to Stored Cross Site Scripting (XSS) vulnerability in Contact Form 7 Style, a WordPress plugin…
Beware: New Matryosh DDoS Botnet Targeting Android-Based Devices
A nascent malware campaign has been spotted co-opting Android devices into a botnet with the primary purpose of carrying out distributed denial-of-service (DDoS) attacks. Called “Matryosh” by Qihoo 360’s Netlab…
How to Audit Password Changes in Active Directory
Today’s admins certainly have plenty on their plates, and boosting ecosystem security remains a top priority. On-premises, and especially remote, accounts are gateways for accessing critical information. Password management makes…
Vulnerability Reward Program: 2020 Year in Review
Posted by Anna Hupa, Senior Strategist, Vulnerability Rewards Team Despite the challenges of this unprecedented year, our vulnerability researchers have achieved more than ever before, partnering with our Vulnerability Reward…