Third parties spoil the party and WordPress content mismanagement

Weekly Security MashUp - July 3, 2018

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup.

FastBooking and BetVictor third parties spoil the security party, and a WordPress security flaw allows hackers to hijack entire websites. Watch to learn more:

Hundreds of hotels hit in FastBooking breach

via Dark Reading: FastBooking provides hotel booking software to 4,000 hotels in 100 countries. But as it turns out, its web application software wasn’t exactly vulnerability-free. And what happens to you and your customers when your third-party software isn’t secure? Watch to discover:

Online betting site left employees’ logins and passwords open to hackers

via Lorenzo Franceschi-Bicchierai, Motherboard: Last week, independent security researcher Chris Hogben was just gathering some information on BetVictor, a major betting and gaming site with a reported half million customers in more than 160 countries, when he stumbled across more than he was looking for. What did he find? View the segment:

Unpatched WordPress flaw gives attackers full control over your site

via Catalin Cimpanu, Motherboard: Researchers at RIPS Technologies reported last week on a vulnerability in the WordPress core that could allow a hacker to mismanage a WordPress site, to the point of hijacking the whole site and executing arbitrary code on the server. Watch the segment:

Subscribe to our blog to stay up-to-date with the latest cyber security news, including insider third-party data breaches, open source security vulnerabilities, and more.

Subscribe to our blog

*** This is a Security Bloggers Network syndicated blog from Software Integrity authored by Taylor Armerding. Read the original post at: