News Posts

Millions of WordPress sites are being probed in automated attacks looking to exploit a recently discovered plugin vulnerability, according to security researchers. Wordfence, which itself produces a plugin for the platform, revealed news of the zero-day bug at the start of September. It affects File Manager which, as...

Luminate Education Group suffered a cyber attack last week that affected a number of Leeds-based colleges such as Leeds City College, Harrogate College, Keighley College, and University Centre Leeds. Earlier today, Luminate Education Group said the cyberattacks took place on 11th August and resulted in operational...

A vulnerability in the TeamViewer app could allow malicious actors to steal passwords. The high-severity flaw was discovered in the desktop version of the app for Windows before 15.8.3. By exploiting the weakness, authenticated threat actors operating remotely could execute code on victims’ systems or crack their TeamViewer passwords. TeamViewer...

Popular stock photo site Freepik has disclosed a major data breach affecting over eight million customers. The incident also affected users of the sister site Flaticon, which claims to run the world’s largest database of free icons. In a breach notice over the weekend, the firm claimed...

Nearly half (47%) of UK IT leaders have not updated their security strategies to account for their move to cloud environments, putting their organizations at higher risk of cyber-attack, according to a new study by Trend Micro commissioned for CLOUDSEC Online. This is despite the fact that traditional on-premises...

Almost two-fifths (39%) of British business decision makers have sacked employees because they breached corporate security policy during the pandemic, according to new data from Centrify. The IAM specialist polled 200 UK respondents to find out more about how COVID-19 and mass remote working has impacted corporate...

The company behind one of India’s most popular travel booking sites exposed 43GB of customer and corporate data before it was deleted by the infamous “Meow” attacker, according to researchers. A team at SafetyDetectives led by Anurag Sen discovered an Elasticsearch server without password protection or...

Nearly a quarter (23%) of UK office workers rely on unauthorized devices to work from home, a new study by CybSafe has found. The research revealed that poor personal cybersecurity practices are commonplace amongst workers operating outside of corporate environments, which is worrying as home working is expected to...

A social media data broker has exposed the public-facing profiles of 235 million users via a misconfigured online database, according to researchers. Comparitech teamed up with Bob Diachenko to uncover three identical copies of the data on August 1, left online with no password or other...